Very similar spam from 5.188.158.69 and 5.188.158.212. URL: https://www.goldothers.com/… https://jbrbro.page.link/… ============================================================================ Return-Path: <> Received: from aznavrchol.cz (unknown [5.188.158.212]) by x (Postfix) with ESMTP id x for <x>; Fri, 4 Feb 2022 xx:xx:xx +0000 (UTC) MIME-Version: 1.0 From:x<x@x> Subject:Holen Sie sich 50 % Rabatt auf dieses Übersetzergerät! Begrenzter Vorrat! Reply-To: reply_x.x@x To: x Content-Transfer-Encoding: 7bit Content-Type:… Читать далее spam source
Рубрика: selectel.ru
spam source
Very similar spam from 5.188.158.69 and 5.188.158.212. URL: https://www.goldothers.com/… https://jbrbro.page.link/… ============================================================================ Return-Path: <> Received: from aznavrchol.cz (unknown [5.188.158.212]) by x (Postfix) with ESMTP id x for <x>; Fri, 4 Feb 2022 xx:xx:xx +0000 (UTC) MIME-Version: 1.0 From:x<x@x> Subject:Holen Sie sich 50 % Rabatt auf dieses Übersetzergerät! Begrenzter Vorrat! Reply-To: reply_x.x@x To: x Content-Transfer-Encoding: 7bit Content-Type:… Читать далее spam source
Spamvertised website
2022-01-20 gotogml.com. 60 IN A 194.87.185.11 2022-01-18 gotogml.com. 60 IN A 5.188.160.30 Received: from iustocouny.newdom.com (20.77.57.222) Date: Mon, 17 Jan 2022 12:34:00 +0000 From: 💖💖 Charming Russian Girls 💖💖 <> Subject: Find Your Russian Girl Who is Your Destiny 😍😍 https://storage.googleapis.com/emsidan/clickk.html#[] 142.250.65.80 http://gotogml.com/track/[] 5.188.160.20 https://www.thenameiva.com/[]/?sub1=10&sub2=[]&sub3=[] 185.95.85.177 https://www.meetrussianlady.com/qa/register03.php?aid=1607&oid=CP282603&qpid_offer_id=[]&qpid_subid=1989&qpid_clickid=[]&source_tag= 54.193.5.120
RedLineStealer botnet controller @37.9.13.169
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 37.9.13.169 on port 63912 TCP: $ telnet 37.9.13.169 63912 Trying 37.9.13.169… Connected to 37.9.13.169. Escape character… Читать далее RedLineStealer botnet controller @37.9.13.169
Malware botnet controller @194.87.185.5
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 194.87.185.5 on port 443: $ telnet 194.87.185.5 443 Trying 194.87.185.5… Connected to 194.87.185.5. Escape character is… Читать далее Malware botnet controller @194.87.185.5
Tofsee botnet controller @194.87.185.165
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 194.87.185.165 on port 443 TCP: $ telnet 194.87.185.165 443 Trying 194.87.185.165… Connected to 194.87.185.165. Escape character… Читать далее Tofsee botnet controller @194.87.185.165
Spamvertised website
2022-01-18 gotogml.com. 60 IN A 5.188.160.30 Received: from iustocouny.newdom.com (20.77.57.222) Date: Mon, 17 Jan 2022 12:34:00 +0000 From: 💖💖 Charming Russian Girls 💖💖 <> Subject: Find Your Russian Girl Who is Your Destiny 😍😍 https://storage.googleapis.com/emsidan/clickk.html#[] 142.250.65.80 http://gotogml.com/track/[] 5.188.160.20 https://www.thenameiva.com/[]/?sub1=10&sub2=[]&sub3=[] 185.95.85.177 https://www.meetrussianlady.com/qa/register03.php?aid=1607&oid=CP282603&qpid_offer_id=[]&qpid_subid=1989&qpid_clickid=[]&source_tag= 54.193.5.120
Malware / Botnet / Phishing hosting server @78.155.222.138
According to our telemetry and our own intelligence, the host at this IP address has been setup by cyber criminals for the exclusive purpose of hosting phishing sites, malware distribution sites and/or botnet controllers. We therefore advise our users to block any traffic from/to this IP address. Malware botnet controller located at 78.155.222.138 port 443… Читать далее Malware / Botnet / Phishing hosting server @78.155.222.138
Spamvertised website
Received: from iustocouny.newdom.com (20.77.57.222) Date: Mon, 17 Jan 2022 12:34:00 +0000 From: 💖💖 Charming Russian Girls 💖💖 <> Subject: Find Your Russian Girl Who is Your Destiny 😍😍 https://storage.googleapis.com/emsidan/clickk.html#[] 142.250.65.80 http://gotogml.com/track/[] 5.188.160.20 https://www.thenameiva.com/[]/?sub1=10&sub2=[]&sub3=[] 185.95.85.177 https://www.meetrussianlady.com/qa/register03.php?aid=1607&oid=CP282603&qpid_offer_id=[]&qpid_subid=1989&qpid_clickid=[]&source_tag= 54.193.5.120
Spamvertised bitcoin scam. (herocryptos.cn // cryptodot.one)
Was SBL540919_185.251.89.6 now back on selectel. Resolving herocryptos.cn (herocryptos.cn)… 82.202.194.17 Connecting to herocryptos.cn (herocryptos.cn)|82.202.194.17|:80… connected. HTTP request sent, awaiting response… 302 Found Location: https://cryptodot.one/lead/1/x[following] Was SBL540775 45.134.255.218/32 Resolving herocryptos.cn (herocryptos.cn)… 185.251.89.6 Connecting to herocryptos.cn (herocryptos.cn)|185.251.89.6|:80… connected. HTTP request sent, awaiting response… 302 Found Location: https://cryptodot.one/lead/1/x[following] Was SBL540579 194.147.87.74/32 Resolving herocryptos.cn (herocryptos.cn)… 45.134.255.218 Connecting to herocryptos.cn… Читать далее Spamvertised bitcoin scam. (herocryptos.cn // cryptodot.one)