briansclub.cm. 600 IN A 176.119.147.190 _______________________________ Was: 185.244.172.79 briansclub.cm 2022-03-04 03:29:56 _______________________________ Was: 34.65.197.40 luxchecker.pm 2022-02-15 03:02:33 34.65.197.40 luxchecker.pw 2022-02-14 18:27:31 34.65.197.40 briankrebs.cm 2022-02-07 13:01:01 34.65.197.40 briansclub.cm 2022-02-08 01:25:33 34.65.197.40 marketo.best 2022-02-08 12:08:53 34.65.197.40 marketo.cash 2022-02-08 12:09:48 34.65.197.40 marketo.center 2022-02-08 12:08:22 34.65.197.40 marketo.city 2022-02-08 12:08:51 34.65.197.40 marketo.cloud 2022-02-08 12:08:16 _______________________________ Was: marketo.best. 600 IN A… Читать далее Cybercrime sites
Рубрика: sprinthost.ru
Malware botnet controller @185.251.89.83
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller at 185.251.89.83 on port 443: $ telnet 185.251.89.83 443 Trying 185.251.89.83… Connected to 185.251.89.83. Escape character is ‘^]’ Malicious domains observed at this IP… Читать далее Malware botnet controller @185.251.89.83
Malware distribution & botnet controller @185.251.91.198
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 185.251.91.198 on port 443: $ telnet 185.251.91.198 443 Trying 185.251.91.198… Connected to 185.251.91.198. Escape character is… Читать далее Malware distribution & botnet controller @185.251.91.198
Loki botnet controller @185.251.91.120
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Loki botnet controller located at 185.251.91.120 on port 80 (using HTTP POST): hXXp://hstfurnaces.net/gd4/fre.php hstfurnaces.net. 600 IN A 185.251.91.120 Referencing malware binaries (MD5 hash): 0d5b6c1f4ae4856fb7e00acd033c7938 — AV detection:… Читать далее Loki botnet controller @185.251.91.120
Smoke Loader botnet controller @185.251.91.214
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Smoke Loader botnet controller located at 185.251.91.214 on port 80 (using HTTP POST): hXXp://afrocalite.ga/ afrocalite.ga. 600 IN A 185.251.91.214 Referencing malware binaries (MD5 hash): 3d75271eb12cedd6440f8ed22724840c — AV… Читать далее Smoke Loader botnet controller @185.251.91.214
Hosting phishing domains
ajaxtracker.com. 600 IN A 185.251.88.120 jqueryllc.net. 600 IN A 185.251.88.120 ______________________ Was: ajaxtracker.com. 600 IN A 185.87.51.67 jqueryllc.net. 600 IN A 185.87.51.67 ______________________ Was: 80.66.64.193 ajaxtracker.com 2022-03-01 19:41:33 80.66.64.193 jqueryllc.net 2022-03-01 18:42:55 ______________________ Was: ajaxtracker.com. 600 IN A 2.57.186.110 coupon-popup.net. 600 IN A 2.57.186.110 ______________________ Was: ajaxtracker.com. 600 IN A 91.142.77.233 coupon-popup.net. 600 IN A… Читать далее Hosting phishing domains
Loki botnet controller @185.251.89.49
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Loki botnet controller located at 185.251.89.49 on port 80 (using HTTP POST): hXXp://hstfurnaces.net/gd4/fre.php hstfurnaces.net. 600 IN A 185.251.89.49 Referencing malware binaries (MD5 hash): 0d5b6c1f4ae4856fb7e00acd033c7938 — AV detection:… Читать далее Loki botnet controller @185.251.89.49
Hosting phishing domains
ajaxtracker.com. 600 IN A 141.8.194.6 coupon-popup.net. 600 IN A 141.8.194.6 ______________________ Was: ajaxtracker.com. 600 IN A 5.188.133.204 coupon-popup.net. 600 IN A 5.188.133.204 ______________________ Was: 31.28.27.127 ajaxtracker.com 2022-02-26 15:36:28 31.28.27.127 cdn-cgi.net 2022-02-27 04:37:46 31.28.27.127 coupon-popup.net 2022-02-27 04:40:34 31.28.27.127 guardns.biz 2022-01-20 18:13:23 31.28.27.127 jquery-ui.net 2022-02-27 03:46:23 31.28.27.127 jquerylibs.net 2022-02-27 04:20:19 31.28.27.127 jqueryllc.net 2022-02-27 03:29:19 31.28.27.127 magento-plugin.com 2022-02-27… Читать далее Hosting phishing domains
Loki botnet controller @176.119.147.3
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Loki botnet controller located at 176.119.147.3 on port 80 (using HTTP POST): hXXp://hstfurnaces.net/gd4/fre.php $ dig +short hstfurnaces.net 176.119.147.3 Referencing malware binaries (MD5 hash): 0d5b6c1f4ae4856fb7e00acd033c7938 — AV detection:… Читать далее Loki botnet controller @176.119.147.3
Malware / Botnet / Phishing hosting server @185.185.70.179
According to our telemetry and our own intelligence, the host at this IP address has been setup by cyber criminals for the exclusive purpose of hosting phishing sites, malware distribution sites and/or botnet controllers. We therefore advise our users to block any traffic from/to this IP address. Malware botnet controller located at 185.185.70.179 port 443… Читать далее Malware / Botnet / Phishing hosting server @185.185.70.179