The host at this IP address is currently being used to distribute malware.
Malware distribution located here: hXXp://188.165.62.50/44475.863353125.dat
$ nslookup 188.165.62.50
ip50.ip-188-165-62.eu
Referencing malware binaries (MD5 hash): 24a9869030253a8c86042fbb563abd9c — AV detection: 8 / 48 (16.67)
phishing / fraud sites
$ host usmilservicecenter.com
usmilservicecenter.com has address 198.187.29.31
Hacked Website: 15.207.45.93
A website at this IP address is currently being (ab)used by cybercriminals to spread malicious software (malware). Host: 15.207.45.93 URL: hxxps[://]indha[.]in/wp-admin/maint/index.php/ This issue was most probably caused by a compromised website. Cybercriminals may have gained access to the mentioned website by exploiting a well known vulnerability in a Content Management System (CMS) or by using…
email phishing
Received: from mta0.hyundai.co.th (unknown [128.199.235.237])
From: "x" <info@hyundai.co.th>
To: x@x
Subject: x@x password expires soon.
Date: 05 Oct 2021 x +0000
HTML mess that includes https://elated-mccarthy.143-198-170-94.plesk.page/admin/MailUpdateFresh/#x@x
Phishing origination against PayPal
PayPal phishing spam in Estonian (Subject: Avastasime hiljuti teie kontolt kahtlase tegevuse) being sent today from 23.239.3.121, 45.56.84.42, 139.162.154.210, 212.71.247.164
spam source
Spam source.
98.32.189.206.in-addr.arpa. 1354 IN PTR bizcloud-power.honeycomblife.in. [fake hostname, not resolving forward]
=========================================================================
Return-Path: <inquiry@kicoltd.jp>
Received: from bizcloud-power.honeycomblife.in (HELO mta0.honeycomblife.in) (206.189.32.98) by x (x) with ESMTP; Wed, 06 Oct 2021 xx:xx:xx +0000
From: "x" <inquiry@kicoltd.jp>
To: x
Subject: Your storage is full
Date: 06 Oct 2021 xx:xx:xx -0700
Message-ID: <x@kicoltd.jp>
MIME-Version: 1.0
Content-Type: multipart/related; boundary="x"…
Suspected Snowshoe Spam IP Range
Based on research, analysis of network data, our ‘snowshoe’ spam detection systems, intelligence sources and our experience, Spamhaus believes that this IP address range is being used or is about to be used for the purpose of high volume ‘snowshoe’ spam emission. As a precaution therefore we are listing this IP range in an SBL…