Рубрика: selectel.ru

Received: from s11.megojom.ru (megojom.ru [109.71.11.236]) Date: Sat, 13 Nov 2021 16:3x:xx +0000 From: Aleksandr <info@s11.megojom.ru> Subject: Предложение 109.71.11.234 eseneno.ru 109.71.11.235 yeremont.ru 109.71.11.236 megojom.ru 109.71.11.237 uwentos.ru 109.71.11.238 dsergom.ru

The host at this IP address is currently being used to distribute malware. Malware distribution located here: hXXp://nutriescapa.com/index.php $ dig +short nutriescapa.com 195.133.74.88 $ nslookup 195.133.74.88 ushandronka66.example.com

The host at this IP address is currently being used to distribute malware. Malware distribution located here: hXXp://nutriescapa.com/index.php nutriescapa.com. 600 IN A 195.133.74.88 Referencing malware binaries (MD5 hash): 3da25ccfa9c258e3ae26854391531c7b — AV detection: 35 / 67 (52.24) d6cee6f41e75d48e65ad08cade696c18 — AV detection: 42 / 69 (60.87) d99b64f408d7868a7484c2325d1c453a — AV detection: 38 / 66 (57.58) f152f48b6c86dfe99418ef0c76fd42ec — AV… Читать далее Malware distribution @195.133.74.88

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 5.8.76.208 on port 443 TCP: $ telnet 5.8.76.208 443 Trying 5.8.76.208… Connected to 5.8.76.208. Escape character… Читать далее Malware botnet controller @5.8.76.208

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 195.133.74.86 on port 443 TCP: $ telnet 195.133.74.86 443 Trying 195.133.74.86… Connected to 195.133.74.86. Escape character… Читать далее Malware botnet controller @195.133.74.86

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 45.8.127.216 on port 443: $ telnet 45.8.127.216 443 Trying 45.8.127.216… Connected to 45.8.127.216. Escape character is… Читать далее Malware botnet controllers @45.8.127.216

According to our telemetry and our own intelligence, the host at this IP address has been setup by cyber criminals for the exclusive purpose of hosting phishing sites, malware distribution sites and/or botnet controllers. We therefore advise our users to block any traffic from/to this IP address. Malware botnet controller located at 45.8.127.131 on port… Читать далее Malware / Botnet / Phishing hosting server @45.8.127.131

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Kovter botnet controller located at 91.213.50.136 on port 80 (using HTTP GET): hXXp://91.213.50.136/QgIc/gate.php Referencing malware binaries (MD5 hash): bfdf6b8b7c1edd61333b1659222c3457 — AV detection: 10 / 68 (14.71)

According to our telemetry and our own intelligence, the host at this IP address has been setup by cyber criminals for the exclusive purpose of hosting phishing sites, malware distribution sites and/or botnet controllers. We therefore advise our users to block any traffic from/to this IP address. Malware distribution @194.87.185.127: hXXp://eguntong.com/pub33.exe Malware botnet controller located… Читать далее Malware / Botnet / Phishing hosting server @194.87.185.127

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 5.8.76.207 on port 443: $ telnet 5.8.76.207 443 Trying 5.8.76.207… Connected to 5.8.76.207. Escape character is… Читать далее Malware botnet controllers @5.8.76.207