Was SBL540919_185.251.89.6 now back on selectel.
Resolving herocryptos.cn (herocryptos.cn)… 82.202.194.17
Connecting to herocryptos.cn (herocryptos.cn)|82.202.194.17|:80… connected.
HTTP request sent, awaiting response… 302 Found
Location: https://cryptodot.one/lead/1/x[following]
Was SBL540775 45.134.255.218/32
Resolving herocryptos.cn (herocryptos.cn)… 185.251.89.6
Connecting to herocryptos.cn (herocryptos.cn)|185.251.89.6|:80… connected.
HTTP request sent, awaiting response… 302 Found
Location: https://cryptodot.one/lead/1/x[following]
Was SBL540579 194.147.87.74/32
Resolving herocryptos.cn (herocryptos.cn)… 45.134.255.218
Connecting to herocryptos.cn…
Read more: Spamvertised bitcoin scam. (herocryptos.cn // cryptodot.one)
DCRat botnet controller @3.142.81.166
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.
Malware botnet controller located at 3.142.81.166 on port 18921 TCP:
$ telnet 3.142.81.166 18921
Trying 3.142.81.166…
Connected to 3.142.81.166.
Escape character…
RedLineStealer botnet controller @78.46.137.240
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.
Malware botnet controller located at 78.46.137.240 on port 21314 TCP:
$ telnet 78.46.137.240 21314
Trying 78.46.137.240…
Connected to 78.46.137.240.
Escape character…
phishing server
http://kraftongame.tk http://spin-material.cf http://winforyou.cf http://survivorgms.ml etc, etc, etc
spam source
Received: from se8d23ff5.fastvps-server.com (HELO se8d23ff5.fastvps-server.com) (5.101.181.151)
Date: Sun, 16 Jan 2022
From: "Mazin Hussein" <info@emiliaceramica.com>
Subject: Can you supply your Products
phishing server
143.198.180.111|regions-online-login.co|2022-01-16 21:42:02
143.198.180.111|regions-online-web.co|2022-01-16 21:42:34
phishing server
137.184.116.125|verify-fidelity03.com|2022-01-16 19:31:18
DCRat botnet controller @51.91.193.177
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.
DCRat botnet controller located at 51.91.193.177 on port 80 (using HTTP GET):
hXXp://51.91.193.177/uploads/requestApidblinuxCdn.php
$ nslookup 51.91.193.177
2-i7-6700k-w-2-hosted-by.hshp.ovh
Referencing malware binaries (MD5 hash):
58cfa3457f3b836c80deee4ca88e49c0 — AV detection: 39…
Spam Emitter (OMICS)
OMICS is sending spam from this IP address. OMICS is a publisher of "open-access" journals for scientists and researchers, and solicits contributions and (by implication) subscribers to its journals by spamming scraped, purchased, or appended lists. OMICS has many previous and current SBL listings.
Received: from e4.scischolarmail.biz (e4.scischolarmail.biz [188.166.76.204])
Received: from 45.35.13.211 (unknown [45.35.13.211])
Date:…
Spam Emitter (OMICS)
This IP address is sending spam for OMICS, a publisher of "open-access" journals that solicits contributions to those journals through spam sent to scraped, purchased or appended email addresses. OMICS has a large number of SBL listings, both active and resolved. It shows no signs of stopping its spam.
Received: from e1.revopenaccess.biz (e1.revopenaccess.biz [178.62.46.73])
Received:…