Received: from s4.sergonet.ru (sergonet.ru [5.188.128.202])
Date: Thu, 30 Dec 2021 20:2x:xx +0000
From: Aleksandr <info@s4.sergonet.ru>
Subject: Предложение
5.188.128.202 sergonet.ru
5.188.128.203 trebonow.ru
5.188.128.204 derwerer.ru
5.188.128.205 welbryh.ru
5.188.128.206 yeremont.ru
Category: selectel.ru
spam emitters
Received: from s1.sergonet.ru (sergonet.ru [82.202.198.149])
Date: Wed, 29 Dec 2021 10:2x:xx +0000
From: Aleksandr <info@s1.sergonet.ru>
Subject: Предложение
82.202.198.146 trebonow.ru
82.202.198.147 derwerer.ru
82.202.198.148 welbryh.ru
82.202.198.149 sergonet.ru
82.202.198.150 yeremont.ru
Malware botnet controller @80.249.149.129
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 80.249.149.129 on port 443: $ telnet 80.249.149.129 443 Trying 80.249.149.129... Connected to 80.249.149.129. Escape character is '^]' Malicious domains observed at this…
Malware botnet controllers @77.223.99.210
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 77.223.99.210 on port 443: $ telnet 77.223.99.210 443 Trying 77.223.99.210... Connected to 77.223.99.210. Escape character is…
Botnet spammed phishing domains: Phishing Google users.
googletags-manager.com. 600 IN A 194.87.185.92 _____________ Was: 77.87.212.240 aero-flct.com 2021-12-16 09:01:12 77.87.212.240 aeroflct.name 2021-12-16 05:20:43 77.87.212.240 google-site-verification.com 2021-12-27 02:11:27 77.87.212.240 googletags-manager.com 2021-12-27 02:31:08 77.87.212.240 script-analytic.com 2021-12-25 02:15:42 77.87.212.240 script-analytics.com 2021-12-26 02:00:53 _____________ Was: 176.119.147.175 google-site-verification.com 2021-12-07 02:19:21 176.119.147.175 googletags-manager.com 2021-12-08 01:31:04 176.119.147.175 script-analytic.com 2021-12-08 01:43:58 176.119.147.175 script-analytics.com 2021-12-07 02:11:05 _____________ Was: google-site-verification.com. 600 IN A…
Carding fraud site/forum: infodig.is (InfoDIG.sx InfoDIG.ch InfoDIG.domains infodig.mn)
Stolen credit card data websites: https://ascarding.com/ >>> https://infodig.is/ infodig.ch. 600 IN A 79.143.29.96 infodig.domains. 600 IN A 79.143.29.96 infodig.sx. 600 IN A 79.143.29.96 ________________ Was: infodig.ch. 600 IN A 8.209.108.169 infodig.domains. 600 IN A 8.209.108.169 infodig.sx. 600 IN A 8.209.108.169 ________________ Was: infodig.ch. 600 IN A 141.8.194.16 infodig.domains. 600 IN A 141.8.194.16 infodig.sx. 600 IN…
RedLineStealer botnet controller @62.182.156.183
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 62.182.156.183 on port 42926 TCP: $ telnet 62.182.156.183 42926 Trying 62.182.156.183... Connected to 62.182.156.183. Escape character…
ArkeiStealer botnet controller @82.148.18.132
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. ArkeiStealer botnet controller located at 82.148.18.132 on port 80 (using HTTP POST): hXXp://file-file-host4.com/tratata.php $ dig +short file-file-host4.com 82.148.18.132 $ nslookup 82.148.18.132 refrigeramentos01.superservidores.cloud Referencing malware binaries (MD5 hash):…
Malware botnet controller @194.87.185.85
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 194.87.185.85 on port 443: $ telnet 194.87.185.85 443 Trying 194.87.185.85... Connected to 194.87.185.85. Escape character is…
RedLineStealer botnet controller @62.182.156.182
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 62.182.156.182 on port 21588 TCP: $ telnet 62.182.156.182 21588 Trying 62.182.156.182... Connected to 62.182.156.182. Escape character…