The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 135.125.40.67 on port 49126 TCP: $ telnet 135.125.40.67 49126 Trying 135.125.40.67… Connected to 135.125.40.67. Escape character… Читать далее RedLineStealer botnet controller @135.125.40.67
Рубрика: ovh.net
Suspected Snowshoe Spam IP Range
Based on research, analysis of network data, our ‘snowshoe’ spam detection systems, intelligence sources and our experience, Spamhaus believes that this IP address range is being used or is about to be used for the purpose of high volume ‘snowshoe’ spam emission. As a precaution therefore we are listing this IP range in an SBL… Читать далее Suspected Snowshoe Spam IP Range
Suspected Snowshoe Spam IP Range
Based on research, analysis of network data, our ‘snowshoe’ spam detection systems, intelligence sources and our experience, Spamhaus believes that this IP address range is being used or is about to be used for the purpose of high volume ‘snowshoe’ spam emission. As a precaution therefore we are listing this IP range in an SBL… Читать далее Suspected Snowshoe Spam IP Range
xtz31.top
This IP address is sending spam for various companies. It belongs to @Mail250, a distributed bulk email platform that is difficult to identify due to its use of multiple anonymous (in every sense) domains and scattered sender IP addresses. Received: from xtz31.top (xtz31.top [192.99.54.21]) Date: Fri, 5 Nov 2021 05:##:## +0530 From: Ana Sanchez <comercial@textilbejar.com>… Читать далее xtz31.top
mmr95.top
This IP address is sending spam for various companies. It belongs to @Mail250, a distributed bulk email platform that is difficult to identify due to its use of multiple anonymous (in every sense) domains and scattered sender IP addresses. Received: from mmr95.top (mmr95.top [167.114.115.101]) Date: Wed, 3 Nov 2021 22:##:## +0530 From: Promociones Novaweb <info@novaweb.com.pe>… Читать далее mmr95.top
theopenjournals.com
This IP address is sending spam for OMICS, a publisher of «peer-reviewed open access journals» that advertises those journals by spamming scraped, purchased or email appended addresses. SENDINGIPs: 51.222.232.128 smtp.a.theopenjournals.com 51.222.232.129 smtp.b.theopenjournals.com 51.222.232.130 smtp.c.theopenjournals.com 51.222.232.131 smtp.d.theopenjournals.com 51.222.232.132 smtp.e.theopenjournals.com 51.222.232.133 smtp.f.theopenjournals.com 51.222.232.134 smtp.g.theopenjournals.com 51.222.232.135 smtp.h.theopenjournals.com 51.222.232.136 smtp.i.theopenjournals.com 51.222.232.137 smtp.j.theopenjournals.com 51.222.232.138 smtp.k.theopenjournals.com 51.222.232.139 smtp.l.theopenjournals.com 51.222.232.140 smtp.m.theopenjournals.com 51.222.232.141… Читать далее theopenjournals.com
RedLineStealer botnet controller @141.94.188.139
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 141.94.188.139 on port 43059 TCP: $ telnet 141.94.188.139 43059 Trying 141.94.188.139… Connected to 141.94.188.139. Escape character… Читать далее RedLineStealer botnet controller @141.94.188.139
Malware botnet controller @66.70.173.61
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 66.70.173.61 on port 80 (using HTTP GET): hXXp://66.70.173.61/cont3/inspecionando.php $ nslookup 66.70.173.61 ip61.ip-66-70-173.net
Malware distribution @51.89.115.101
The host at this IP address is currently being used to distribute malware. Malware distribution located here: hXXp://51.89.115.101/44504.5837228009.dat $ nslookup 51.89.115.101 secure-3111.buzztary.com Referencing malware binaries (MD5 hash): 05d20f2a19b8933792300b1b4f246e0f — AV detection: 32 / 73 (43.84) 0ed45dee4e4497eb96e5a164d5c2253e — AV detection: 45 / 71 (63.38) 13f2fdc3fa774a31b21747223e17f135 — AV detection: 37 / 71 (52.11) 19e04d9324e4a8b8b8f64637a6b91969 — AV detection:… Читать далее Malware distribution @51.89.115.101
theopenjournals.com
This /28 is sending spam for a publisher of «peer-reviewed open access journals» advertised by spam sent to scraped or appended email addresses. The same spammer is present in 15.235.16.128/26, which is also listed in the SBL. SENDING IPs: 15.235.16.208 pmc.k.theopenjournals.com 15.235.16.209 pmc.l.theopenjournals.com 15.235.16.210 pmc.m.theopenjournals.com 15.235.16.211 pmc.n.theopenjournals.com 15.235.16.212 pmc.o.theopenjournals.com 15.235.16.213 pmc.p.theopenjournals.com 15.235.16.214 pmc.q.theopenjournals.com 15.235.16.215 pmc.r.theopenjournals.com… Читать далее theopenjournals.com