Google hosts the A record and website of the domain mindregal.com. This domain is spamming through Elasticmail.
Received: from m243.mxout.mta4.net (m243.mxout.mta4.net [67.227.85.243])
Date: Wed, 02 Feb 2022 14:##:## +0000
From: Jose Mora <info@mindregal.com>
Subject: 2022 Advanced Course On Lean Documents
<x> <snip> https://mindregal.com An Advanced Course On Lean Documents, Lean Configuration And Document Control <snip>…
Read more: Spam Emitters (Ijona Services)
Malware botnet controller @35.238.161.88
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 35.238.161.88 on port 443:
$ telnet 35.238.161.88 443
Trying 35.238.161.88…
Connected to 35.238.161.88.
Escape character is…
Malware / Botnet / Phishing hosting server @34.88.171.120
According to our telemetry and our own intelligence, the host at this IP address has been set up by cyber criminals for the exclusive purpose of hosting phishing sites, malware distribution sites and/or botnet controllers. We therefore advise our users to block any traffic from/to this IP address. Malware botnet controller located at 34.88.171.120 port 443…
Malware botnet controllers @34.65.143.203
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 34.65.143.203 on port 443:
$ telnet 34.65.143.203 443
Trying 34.65.143.203…
Connected to 34.65.143.203.
Escape character is…
Chinese phisher landing sites.
It is unusual not to find Rakuten here too. They often mix the two.
Chinese phisher landing sites.
More of the same here:
34.146.212.241 mail-amozvn.onthewifi.com
Very likely this is the same operator.
Malware botnet controller @34.121.148.157
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 34.121.148.157 on port 443:
$ telnet 34.121.148.157 443
Trying 34.121.148.157…
Connected to 34.121.148.157.
Escape character is…
Carding fraud site/forum: wixxx.cc
Stolen credit card data websites. «WIXXX.CC ▶ CC+CVV» https://procrd.biz/threads/wixxx-cc-cc-cvv.22870/page-2#post-142105 >>> https://wixxx.cc/login.php https://carder.uk/ >>> https://wixxx.cc/login.php wixxx.cc. 600 IN A 35.205.116.76 _____________ Was: wixxx.cc. 600 IN A 185.251.89.49 _____________ Was: wixxx.cc. 600 IN A 193.124.24.123 _____________ Was: wixxx.cc. 592 IN A 2.57.186.61 _____________ Was: wixxx.cc. 600 IN A 91.203.193.48 _____________ Was: wixxx.cc. 600 IN A 176.118.165.216 _____________…
phishing server
Malware botnet controllers @34.71.71.46
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 34.71.71.46 on port 443:
$ telnet 217.25.89.114 443
Trying 217.25.89.114…
Connected to 217.25.89.114.
Escape character is…