AsyncRAT botnet controller @135.125.27.236

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 135.125.27.236 on port 22 TCP:

$ telnet 135.125.27.236 22
Trying 135.125.27.236…
Connected to 135.125.27.236.
Escape character…

Filed under ovh.net

spam emitter @5.135.82.242

Received: from s8.megojom.ru (5.135.82.242 [5.135.82.242])
Date: Sat, 18 Dec 2021 19:4x:xx +0000
From: Aleksandr <info@s8.megojom.ru>
Subject: Предложение

Filed under ovh.net

phishing server

Phishing since 4/2021 apparently. Citibank

143.198.66.140|citimarket.us|2021-10-22 12:16:59
143.198.66.140|citimarketaccess.com|2021-12-19 03:35:55
143.198.66.140|citimarketb.com|2021-12-19 02:46:17

USPS phishing server

hXXp://my-usps.info/usps/verification/
my-usps.info has address 40.113.237.102

Filed under microsoft.com

Suspected Snowshoe Spam IP Range — Mongkut, Panomyaong

Based on research, analysis of network data, our ‘snowshoe’ spam detection systems, intelligence sources and our experience, Spamhaus believes that this IP address range is being used or is about to be used for the purpose of high volume ‘snowshoe’ spam emission. As a precaution therefore we are listing this IP range in an SBL…

Filed under ovh.net

Carding fraud site/forums: fe-acc18.ru

Stolen credit card data sites: https://procrd.biz/ >>> https://i.imgur.com/dnhfzOq.gif >>> https://www.fe-acc18.ru/

Filed under selectel.ru

Spamvertised website

2021-12-18 nadisdh.com. 60 IN A 188.120.247.101
2021-12-17 nadisdh.com. 60 IN A 91.223.180.111
2021-12-09 nadisdh.com. 60 IN A 212.109.199.195
2021-12-08 nadisdh.com. 60 IN A 212.109.199.174

Received: from eaquegmhjm.cloudfront.net (20.68.129.110)
From: Collagen, Collagen, <noreply@info.dnb.no>
Subject: 𝟔 𝐠𝐨𝐝𝐞 𝐠𝐫𝐮𝐧𝐧𝐞𝐫 𝐭𝐢𝐥 å 𝐭𝐚 𝐂𝐨𝐥𝐥𝐚𝐠𝐞𝐧 𝐏𝐥𝐮𝐬
Date: Mon, 06 Dec 2021 10:5x:xx +0000

http://nadisdh.com/rd/[] 188.120.247.225
https://www.explicitcrackbeams.com/[]/?sub1=10&sub2=[]&sub3=[] 209.236.123.241
http://www6.andromedanebula.com/?[] 35.186.238.101

Filed under ispserver.com

Spammer hosting @159.223.7.31


Spam Emitter (OMICS)

This IP address is sending spam for OMICS (aka Remedy Publishers, Austin Publishers). The spam sent by this entity appears to be targeted at email addresses scraped from websites, Whois records, and other sources associated with academia and research organizations. OMICS operates a number of open access journals that it claims are peer reviewed, but…

Spam Emitter (OMICS)

This IP address is sending spam for OMICS (aka Remedy Publishers, Austin Publishers). The spam sent by this entity appears to be targeted at email addresses scraped from websites, Whois records, and other sources associated with academia and research organizations. OMICS operates a number of open access journals that it claims are peer reviewed, but…