The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.
Malware botnet controller located at 194.87.185.175 on port 443:
$ telnet 194.87.185.175 443
Trying 194.87.185.175…
Connected to 194.87.185.175.
Escape character is…
Malware botnet controllers @194.87.185.67
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.
Malware botnet controller located at 194.87.185.67 on port 443:
$ telnet 194.87.185.67 443
Trying 194.87.185.67…
Connected to 194.87.185.67.
Escape character is…
Spam Hosting (OMICS) (Redirector / Tracking / Unsubscribes)
This IP address hosts a redirector, tracking URI, and unsubscribe website for an open-access journal published by OMICS, a large publisher of "open-access" journals. It is
Received: from mail0.ajsurclcasre.com (mail0.ajsurclcasre.com [139.59.78.233])
Date: Thu, 06 Jan 2022 10:##:## +0000
From: American Journal of Surgery and Clinical Case Reports (ISSN <x>) <editor@ajsurclcasre.com>
Reply-To: American Journal of Surgery…
Spam Emitter (OMICS)
This IP address is sending spam requesting submissions to an open-access journal published by OMICS. OMICS sends its solicitations to scraped, purchased, or appended lists.
Received: from mail0.ajsurclcasre.com (mail0.ajsurclcasre.com [139.59.78.233])
Date: Thu, 06 Jan 2022 10:##:## +0000
From: American Journal of Surgery and Clinical Case Reports (ISSN <x>) <editor@ajsurclcasre.com>
Reply-To: American Journal of Surgery and…
phishing server
20.62.99.4|auth03-citi.com|2022-01-10 01:46:21
20.62.99.4|secure01-wells.com|2022-01-10 16:46:23
20.62.99.4|secure01c-wells.com|2022-01-09 06:35:52
20.62.99.4|secure02-citi.com|2022-01-09 05:36:08
SpamHosting (OMICS) (A record)
Cloudflare hosts the A record of the domain medtextopenj.info. This domain appears in spam emails as the Reply-to address, soliciting responses to the spam. No other contact method is provided in the spam sample from today’s mailing. This domain belongs to OMICS (aka Medtext Publications, Remedy Publishers, aka Austin Publishing, etc.) OMICS publishes a large…
Spammer hosting @172.64.101.10
Spammer hosting located here:
$ dig +short www.apotheker-rezeptfrei.ch
172.64.101.10
172.64.100.10
Abused / misconfigured newsletter service (listbombing)
The host at this IP address is being (ab)used to "listbomb" email addresses:
From: Quirk Chevrolet MA <leads@chevy.quirkautodealers.net>
Problem description
============================
Spammers signed up for the bulk email service using the victim’s email address. As a result, the victim is being "listbombed" with transactional messages and bulk email campaigns.
Problem resolution
============================
In order to…
Cybercriminal carding gang at cvv-net.su, cvv-ru.su etc.
Stolen credit card data websites.