pricerealcheap.com. 86400 IN NS ns1.reg.ru. pricerealcheap.com. 86400 IN NS ns2.reg.ru. pricerealcheap.com. 86400 IN A 104.223.213.139 pricerealcheap.com. 86400 IN SOA ns1.reg.ru. hostmaster.ns1.reg.ru. 1635855939 14400 3600 604800 10800 priceshop24x7.su. 86400 IN SOA ns1.reg.ru. hostmaster.ns1.reg.ru. 1636040579 14400 3600 604800 10800 priceshop24x7.su. 86400 IN A 104.223.213.139 priceshop24x7.su. 86400 IN NS ns1.reg.ru. priceshop24x7.su. 86400 IN NS ns2.reg.ru.
Рубрика: reg.ru
DCRat botnet controller @188.93.211.136
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. DCRat botnet controller located at 188.93.211.136 on port 80 (using HTTP GET): hXXp://188.93.211.136/javascriptwordpress.php $ nslookup 188.93.211.136 188-93-211-136.cloudvps.regruhosting.ru Referencing malware binaries (MD5 hash): 191f7b31782f54fc168021567d37bd79 — AV detection: 52… Читать далее DCRat botnet controller @188.93.211.136
Malware / Botnet / Phishing hosting server @91.224.22.55
According to our telemetry and our own intelligence, the host at this IP address has been setup by cyber criminals for the exclusive purpose of hosting phishing sites, malware distribution sites and/or botnet controllers. We therefore advise our users to block any traffic from/to this IP address. Malware botnet controller located at 91.224.22.55 on port… Читать далее Malware / Botnet / Phishing hosting server @91.224.22.55
Spam emitter
This is sending porn spam while pretending to be a NASA.GOV IP Received: from [89.108.77.122] ([89.108.77.122:57218] by XXX (envelope-from <>) (ecelerity 3.6.25.56547 r(Core:3.6.25.0)) with ESMTP id 33/3F-61936-DD369716; Wed, 27 Oct 2021 user50$ host 89.108.77.122 122.77.108.89.in-addr.arpa domain name pointer ndgrsmtp01.ndc.nasa.gov. whois 89.108.77.122 % IANA WHOIS server % for more information on IANA, visit http://www.iana.org % This… Читать далее Spam emitter
spam emitter @80.78.248.73
Received: from massiveradar.xyz (massiveradar.xyz. [80.78.248.73]) Date: Sun, 10 Oct 2021 16:1x:xx +0000 Subject: BETAALCODE —€[usernname]€ 📩PAYOUT_VERIFICATION 💰€150.000💰WACHT OP U…__ From: 💵Slot Hunter💵 <contact@dailyprosperousnow.com>
Malware / Botnet / Phishing hosting server @193.187.175.8
According to our telemetry and our own intelligence, the host at this IP address has been setup by cyber criminals for the exclusive purpose of hosting phishing sites, malware distribution sites and/or botnet controllers. We therefore advise our users to block any traffic from/to this IP address. $ telnet 194.67.105.201 443 Trying 194.67.105.201… Connected to… Читать далее Malware / Botnet / Phishing hosting server @193.187.175.8
Carding fraud site/forum: wixxx.cc
Stolen credit card data websites. «WIXXX.CC ▶ CC+CVV» https://procrd.biz/threads/wixxx-cc-cc-cvv.22870/page-2#post-142105 >>> https://wixxx.cc/login.php https://carder.uk/ >>> https://wixxx.cc/login.php wixxx.cc. 600 IN A 185.46.11.67 _____________ Was: wixxx.cc. 600 IN A 37.140.198.103 _____________ Was: wixxx.cc. 600 IN A 91.203.193.82 _____________ Was: wixxx.cc. 599 IN A 165.227.203.115 _____________ Was: wixxx.cc. 599 IN A 193.187.173.42 _____________ Was: 31.40.251.82 wixxx.cc 2021-07-25 21:35:42 _____________ Was:… Читать далее Carding fraud site/forum: wixxx.cc