hXXp://irs.gov-assistance-center.com/r/….
$ host irs.gov-assistance-center.com
irs.gov-assistance-center.com has address 62.210.119.154
Vjw0rm botnet controller @64.225.56.31
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 64.225.56.31 on port 7891 TCP:
$ telnet 64.225.56.31 7891
Trying 64.225.56.31…
Connected to 64.225.56.31.
Escape character…
spam source
[!] This SBL record is to show an example of ongoing network abuse. It currently is not being published in the SBL list, but is instead being presented on the webpage so that the network owner has evidence to investigate and correct the problem.

+ 54.240.68.182 a68-182.smtp-out.amazonses.com "a68-182.smtp-out.amazonses.com" 2022-01-13T22:30:00Z (+/-10 min)
+ 54.240.68.189 a68-189.smtp-out.amazonses.com "a68-189.smtp-out.amazonses.com"…
NetWire botnet controller @52.188.19.78
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 52.188.19.78 on port 6655 TCP:
$ telnet 52.188.19.78 6655
Trying 52.188.19.78…
Connected to 52.188.19.78.
Escape character…
RemcosRAT botnet controller @52.188.19.78
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 52.188.19.78 on port 2404 TCP:
$ telnet 52.188.19.78 2404
Trying 52.188.19.78…
Connected to 52.188.19.78.
Escape character…
RedLineStealer botnet controller @135.181.12.183
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 135.181.12.183 on port 45253 TCP:
$ telnet 135.181.12.183 45253
Trying 135.181.12.183…
Connected to 135.181.12.183.
Escape character…
Spamvertised website
2022-01-18
gotogml.com. 60 IN A 5.188.160.30

Received: from iustocouny.newdom.com (20.77.57.222)
Date: Mon, 17 Jan 2022 12:34:00 +0000
From: 💖💖 Charming Russian Girls 💖💖 <>
Subject: Find Your Russian Girl Who is Your Destiny 😍😍

https://storage.googleapis.com/emsidan/clickk.html#[]
142.250.65.80
http://gotogml.com/track/[]
5.188.160.20
https://www.thenameiva.com/[]/?sub1=10&sub2=[]&sub3=[]
185.95.85.177
https://www.meetrussianlady.com/qa/register03.php?aid=1607&oid=CP282603&qpid_offer_id=[]&qpid_subid=1989&qpid_clickid=[]&source_tag=
54.193.5.120
phishing server
Longterm phishing server
spam source
[!] This SBL record is to show an example of ongoing network abuse. It currently is not being published in the SBL list, but is instead being presented on the webpage so that the network owner has evidence to investigate and correct the problem.

23.251.255.160 e255-160.smtp-out.amazonses.com "e255-160.smtp-out.amazonses.com" 2022-01-13T15:40:00Z (+/-10 min)
23.251.255.165 e255-165.smtp-out.amazonses.com "e255-165.smtp-out.amazonses.com" 2022-01-13T15:40:00Z (+/-10…
Spam Emitter (OMICS)
This IP address is sending spam for OMICS, a publisher of "open-access" journals that spams scraped, purchased, or appended lists to solicit contributions and (by implication) subscriptions to its journals. OMICS has many previous and current SBL listings.

Received: from e1.journalscholar.biz (e1.journalscholar.biz [159.203.185.146])
Received: from 209.105.239.144 (unknown [209.105.239.144])
Date: Tue, 18 Jan 2022 09:##:## +0530…