This IP address is sending spam for OMICS, a publisher of "open-access" journals that solicits contributions and (by implication) fees and/or subscriptions through spam sent to scraped, purchased, or appended lists.
Received: from e1.sciopenaccessms.biz (e1.sciopenaccessms.biz [147.182.159.226])
Received: from 209.105.248.136 (unknown [209.105.248.136])
Date: Sun, 10 Apr 2022 20:##:## +0530
From: Editor-Pulmonology and Clinical Research <editor@sciopenaccessms.biz>
Reply-To:…
Spam Emitter (OMICS)
This IP address is sending spam for OMICS, a publisher of "open-access" journals that solicits contributions and (by implication) fees and/or subscriptions through spam sent to scraped, purchased, or appended lists.
Received: from e1.sciresartrev.biz (e1.sciresartrev.biz [159.203.57.29])
Received: from 108.60.219.23 (unknown [108.60.219.23])
Date: Sun, 10 Apr 2022 20:##:## +0530
From: Hypertension Journal <editor@sciresartrev.biz>
Reply-To: Hypertension Journal…
ArkeiStealer botnet controller @95.217.244.41
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.
ArkeiStealer botnet controller located at 95.217.244.41 on port 80 (using HTTP GET): hXXp://95.217.244.41/
$ nslookup 95.217.244.41
static.41.244.217.95.clients.your-server.de
Referencing malware binaries (MD5 hash): 2683b53d541f766e9609ebb105b3aec5 — AV detection: 28…
Phish landing site.
This is a KDDI AU phish, served by malicious redirectors and dynamic DNS providers:
Status Code | URL | IP | Page Type | Redirect Type | Redirect URL
200 https://late-union-8173.lenadfriedlandl92.workers.dev/%22%7C
301 http://auto-type.ddns.net/
200 https://auto-type.ddns.net/
auto-type.ddns.net has address 34.97.28.225
Malware / Botnet / Phishing hosting server @45.10.247.41
According to our telemetry and our own intelligence, the host at this IP address has been set up by cyber criminals for the exclusive purpose of hosting phishing sites, malware distribution sites and/or botnet controllers. We therefore advise our users to block any traffic from/to this IP address. The host at this IP address is obviously…
Loki botnet controller @193.42.113.194
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.
Loki botnet controller located at 193.42.113.194 on port 80 (using HTTP POST): hXXp://sempersim.su/ge12/fre.php
sempersim.su. 600 IN A 195.133.10.94
Referencing malware binaries (MD5 hash): 282597edf1d6759a52472a855ed9e14f — AV detection:…
Malware distribution @45.11.26.72
The host at this IP address is currently being used to distribute malware. Malware distribution located here: hXXp://shfpudpqth.top/strong/mix.exe shfpudpqth.top. 600 IN A 45.11.26.72 Referencing malware binaries (MD5 hash): 9c287453cdeefc0effea16c5c1890edf — AV detection: 40 / 70 (57.14)
Spam Emitter! (GRC Trainer) (Ijona Services)
ESP Mailercloud is sending spam for thewebinarupdate.com, owned by a provider of business training seminars and webinars that uses many different business names. We use one of those names, Ijona Services, to keep track of this entity’s activities. In the past few months, Pioneer Educator has been abusing the services of large numbers of email…
Malware / Botnet / Phishing hosting server @45.10.247.19
According to our telemetry and our own intelligence, the host at this IP address has been set up by cyber criminals for the exclusive purpose of hosting phishing sites, malware distribution sites and/or botnet controllers. We therefore advise our users to block any traffic from/to this IP address. The host at this IP address is running…
Malware distribution and malware botnet controller @193.124.118.130
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.
Malware botnet controller at 193.124.118.130 on port 443:
$ telnet 193.124.118.130 443
Trying 193.124.118.130…
Connected to 193.124.118.130.
Escape character is ‘^]’
Malware located here: hXXp://docmasterpassb.top/kdv/ubt-R_iBQqxPIRMOiB6o8qAlaVnp3s9CmcNQ1l3P/
Malicious domains…