NetWire botnet controller @52.188.19.78

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 52.188.19.78 on port 6655 TCP: $ telnet 52.188.19.78 6655 Trying 52.188.19.78… Connected to 52.188.19.78. Escape character…

Filed under microsoft.com

RemcosRAT botnet controller @52.188.19.78

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 52.188.19.78 on port 2404 TCP: $ telnet 52.188.19.78 2404 Trying 52.188.19.78… Connected to 52.188.19.78. Escape character…

Filed under microsoft.com

RedLineStealer botnet controller @135.181.12.183

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 135.181.12.183 on port 45253 TCP: $ telnet 135.181.12.183 45253 Trying 135.181.12.183… Connected to 135.181.12.183. Escape character…

Filed under hetzner.de

Spamvertised website

2022-01-18
gotogml.com. 60 IN A 5.188.160.30

Received: from iustocouny.newdom.com (20.77.57.222)
Date: Mon, 17 Jan 2022 12:34:00 +0000
From: 💖💖 Charming Russian Girls 💖💖 <>
Subject: Find Your Russian Girl Who is Your Destiny 😍😍

https://storage.googleapis.com/emsidan/clickk.html#[]
142.250.65.80
http://gotogml.com/track/[]
5.188.160.20
https://www.thenameiva.com/[]/?sub1=10&sub2=[]&sub3=[]
185.95.85.177
https://www.meetrussianlady.com/qa/register03.php?aid=1607&oid=CP282603&qpid_offer_id=[]&qpid_subid=1989&qpid_clickid=[]&source_tag=
54.193.5.120

Filed under selectel.ru

phishing server

Longterm phishing server

Filed under ovh.net

spam source

[!] This SBL record is to show an example of ongoing network abuse. It currently is not being published in the SBL list, but is instead being presented on the webpage so that the network owner has evidence to investigate and correct the problem. 23.251.255.160 e255-160.smtp-out.amazonses.com "e255-160.smtp-out.amazonses.com" 2022-01-13T15:40:00Z (+/-10 min) 23.251.255.165 e255-165.smtp-out.amazonses.com "e255-165.smtp-out.amazonses.com" 2022-01-13T15:40:00Z (+/-10…

Filed under amazon.com

Spam Emitter (OMICS)

This IP address is sending spam for OMICS, a publisher of "open-access" journals that spams scraped, purchased, or appended lists to solicit contributions and (by implication) subscriptions to its journals. OMICS has many previous and current SBL listings. Received: from e1.journalscholar.biz (e1.journalscholar.biz [159.203.185.146]) Received: from 209.105.239.144 (unknown [209.105.239.144]) Date: Tue, 18 Jan 2022 09:##:## +0530…

Malware / Botnet / Phishing hosting server @78.155.222.138

According to our telemetry and our own intelligence, the host at this IP address has been set up by cyber criminals for the exclusive purpose of hosting phishing sites, malware distribution sites and/or botnet controllers. We therefore advise our users to block any traffic from/to this IP address. Malware botnet controller located at 78.155.222.138 port 443…

Filed under selectel.ru

Spam Emitter (OMICS)

This IP address is sending spam for OMICS, a publisher of "open-access" journals that solicits contributions and (by implication) subscriptions by sending spam to scraped, purchased, or appended lists. OMICS has many previous and current SBL listings. Received: from e1.medopenaccessjrnl.biz (e1.medopenaccessjrnl.biz [164.92.221.151]) Received: from 209.105.239.144 (unknown [209.105.239.144]) Date: Mon, 17 Jan 2022 15:##:## +0530 From:…

Spam Emitter (OMICS)

This IP address is sending spam for OMICS, a publisher of "open-access" journals that solicits contributions and (by implication) subscriptions by spamming scraped, purchased, or appended lists. OMICS has many previous and current SBL listings. Received: from e2.medjournalarticle.biz (e2.medjournalarticle.biz [104.248.139.216]) Received: from 45.35.13.211 (unknown [45.35.13.211]) Date: Mon, 17 Jan 2022 23:##:## +0530 From: Dentistry Journal…