https://belfiu-s.icu => https://www.belfiu-sinfo.xyz/be/[] belfiu-s.icu. 28 IN A 44.230.85.241 belfiu-s.icu. 28 IN A 52.33.207.7 www.belfiu-sinfo.xyz. 494 IN A 45.81.234.5
Finnish B2B spammer
$ host haenyt.fi haenyt.fi has address 164.132.18.55 This website is advertised in SMS spam to business owners in Finland. A google translate of the contents indicates it has to do with corporate payday loans. # whois.fi domain………….: haenyt.fi status………….: Registered created…………: 4.1.2016 16:14:46 expires…………: 4.1.2022 14:06:38 available……….: 4.2.2022 14:06:38 modified………..: 4.5.2020 RegistryLock…….: no Nameservers nserver…………:… Читать далее Finnish B2B spammer
gkt249.top
This IP address, owned by @Mail250, is sending spam for a customer, apparently named «Corpo Muscoloso Senza Sacrifici <newsletter@benesserenutra.com>». The spam was sent to a large number of our sapmtraps, and probably a much larger number of email addresses that did not opt-in to receive this email. The disclaimer at the end of the email… Читать далее gkt249.top
phishing server
34.77.139.136|allybank.my03.com|2021-11-08 10:23:13 34.77.139.136|allybank.sytes.net|2021-11-05 10:04:03 34.77.139.136|allybank9.com|2021-11-07 16:30:50 34.77.139.136|bankofamericatoday.org|2021-11-02 23:30:51 34.77.139.136|jpmorgchase.com|2021-11-09 23:30:51 34.77.139.136|secure073a.com|2021-11-08 01:36:15 34.77.139.136|secure08-ab.com|2021-11-09 23:30:57
Malware botnet controllers @45.8.127.216
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 45.8.127.216 on port 443: $ telnet 45.8.127.216 443 Trying 45.8.127.216… Connected to 45.8.127.216. Escape character is… Читать далее Malware botnet controllers @45.8.127.216
irs phishing server
hXXps://us.me-2boost.com/r/wQlMan $ host us.me-2boost.com us.me-2boost.com has address 20.189.112.76
spam emitter @54.240.27.2
Received: from a27-27.smtp-out.us-west-2.amazonses.com (54.240.27.27) Subject: Enligt överenskommelse [], mer information om måndagens möte From: Johan Olsson <olsson@onemarketz.com> Date: Tue, 9 Nov 2021 09:4x:xx +0000
SMS spam redirector DNS
$ host ns1.smsdnspro.com ns1.smsdnspro.com has address 213.252.247.9 $ host ns2.smsdnspro.com ns2.smsdnspro.com has address 51.68.198.93 Domains served by these nameservers appear as the first stage redirectors in SMS fraud spam.
Phishing redirector
$ host xhif.link xhif.link has address 185.212.128.20 xhif.link has address 138.197.217.143 This domain was registered on November 2 solely for phishing purposes. # whois.namecheap.com Domain name: xhif.link Registry Domain ID: DO_5e904656ca6124ded731a515545fa8e4-UR Registrar WHOIS Server: whois.namecheap.com Registrar URL: http://www.namecheap.com Updated Date: 0001-01-01T00:00:00.00Z Creation Date: 2021-11-02T09:48:01.15Z Registrar Registration Expiration Date: 2022-11-02T09:48:01.15Z Registrar: NAMECHEAP INC Registrar IANA ID:… Читать далее Phishing redirector
Suspected Snowshoe Spam IP Range
Based on research, analysis of network data, our ‘snowshoe’ spam detection systems, intelligence sources and our experience, Spamhaus believes that this IP address range is being used or is about to be used for the purpose of high volume ‘snowshoe’ spam emission. As a precaution therefore we are listing this IP range in an SBL… Читать далее Suspected Snowshoe Spam IP Range