Malware / Botnet / Phishing hosting server @141.8.199.128
According to our telemetry and our own intelligence, the host at this IP address has been set up by cyber criminals for the exclusive purpose of hosting phishing sites, malware distribution sites and/or botnet controllers. We therefore advise our users to block any traffic from/to this IP address. The host at this IP address is running…
opastonline.com (OPast Publishing Group)
4/07/2022: The second domain mentioned in a previous SBL listing, opastonline.com, has moved from its previous hosting to this IP address. The domain belongs to OPast Publishing Group, which appears to be connected to OMICS, a large-scale publisher of "open-access" journals and a heavy spam operation. We are listing this IP address to protect Spamhaus…
Malware botnet controller @195.133.46.143
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller at 195.133.46.143 on port 443. $ telnet 195.133.46.143 443 Trying 195.133.46.143… Connected to 195.133.46.143. Escape character is ‘^]’ Malicious domains observed at this IP…
Loki botnet controller @185.185.69.169
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Loki botnet controller located at 185.185.69.169 on port 80 (using HTTP POST): hXXp://sempersim.su/ge12/fre.php sempersim.su. 600 IN A 185.185.69.169 Referencing malware binaries (MD5 hash): 282597edf1d6759a52472a855ed9e14f — AV detection:…
Malware botnet controller @95.213.216.208
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 95.213.216.208 on port 80 (using HTTP GET): hXXp://jsdkcr.link/47747.php jsdkcr.link. 600 IN A 95.213.216.208
Malware / Botnet / Phishing hosting server @95.213.216.250
According to our telemetry and our own intelligence, the host at this IP address has been set up by cyber criminals for the exclusive purpose of hosting phishing sites, malware distribution sites and/or botnet controllers. We therefore advise our users to block any traffic from/to this IP address. The host at this IP address is running…
spam emitter @128.199.71.49
Received: from mail.vurey.live ([128.199.71.49]) From: "E-Wallet" <contact@vurey.live> Subject: [], je hebt onlangs nieuwe BTC Date: Wed, 6 Apr 2022 13:2x:xx -0700
Malware botnet controller @45.11.27.52
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller at 45.11.27.52 on port 443: $ telnet 45.11.27.52 443 Trying 45.11.27.52… Connected to 45.11.27.52. Escape character is ‘^]’ Malicious domains observed at this IP…
Malware botnet controller @45.10.244.51
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 45.10.244.51 port 443: $ telnet 45.10.244.51 443 Trying 45.10.244.51… Connected to 45.10.244.51. Escape character is ‘^]’…
spam emitter @206.189.123.160
Received: from mail.dadsypro.me ([206.189.123.160]) From: "E-Wallet" <contact@dadsypro.me> Subject: [], je hebt onlangs nieuwe BTC Date: Tue, 5 Apr 2022 07:3x:xx -0700