The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 51.254.187.177 on port 3705 TCP: $ telnet 51.254.187.177 3705 Trying 51.254.187.177… Connected to 51.254.187.177. Escape character… Читать далее RedLineStealer botnet controller @51.254.187.177

Spamhaus has observed spam from this range to addresses that had never asked for it. The behaviour has been consistent and gone on for more than a year. We have SBLCSS removal requests on file for IPs in this range going back to April 2020. Many of the domain names had already been automatically listed… Читать далее Predatory publisher: Heighten Science Publications Corporation

91.134.247.133 is currently in use as a nameserver for spamvertized domains. This enables the resolving of spammed domains to the actual websites. This SBL record can only be removed if 91.134.247.133 stops answering DNS queries for spamvertized domain names. NS345.DNSEVER.COM — ms-shopclub.su — ms-shophouse.su — ms-shopinfo.su — ms-shoplife.su — ms-shoplink.su — ms-shoplive.su — ms-shopzone.su —… Читать далее Canadian Pharmacy

Based on research, analysis of network data, our ‘snowshoe’ spam detection systems, intelligence sources and our experience, Spamhaus believes that this IP address range is being used or is about to be used for the purpose of high volume ‘snowshoe’ spam emission. As a precaution therefore we are listing this IP range in an SBL… Читать далее Suspected Snowshoe Spam IP Range — Indian spammer

Stolen credit card data websites: https://procrd.biz/ >>> https://i.imgur.com/wHCdAan.gif >>> https://cvvme.st/ https://cvv-net.su/login/?_= cvvme.st. 86400 IN A 135.125.248.51 cvv-net.su. 3600 IN A 135.125.248.51 ______________________ Was: cvvme.st. 21599 IN A 188.166.251.51 cvv-net.su. 3599 IN A 188.166.251.51 cvv-ru.su. 3599 IN A 188.166.251.51 188.166.251.51 c-v-v-me.st 2021-07-13 15:47:51 ________________ Was: validcc-su.su. 3599 IN A 104.248.146.169 104.248.146.169 cvv-me.st 2021-07-08 05:06:41 104.248.146.169 cvv-online.su… Читать далее Repeated hosting of cybercriminal carding gang at cvvme.st / cvv-net.su, cvv-ru.su etc.

Based on research, analysis of network data, our ‘snowshoe’ spam detection systems, intelligence sources and our experience, Spamhaus believes that this IP address range is being used or is about to be used for the purpose of high volume ‘snowshoe’ spam emission. As a precaution therefore we are listing this IP range in an SBL… Читать далее Suspected Snowshoe Spam IP Range — Listerman Pavel

164.132.138.143 is currently in use as a nameserver for spamvertized domains. This enables the resolving of spammed domains to the actual websites. This SBL record can only be removed if 164.132.138.143 stops answering DNS queries for spamvertized domain names. 2 Nameservers seen on 164.132.138.143: NS1.DOMEN-DOMIK.RU — 1shnurok.ru — 1sns.ru — 2rich4bitches.ru — 2rich4bitches.su — 2tracks24.net… Читать далее Spammer DNS hosting (cybercrime forums)

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 146.59.132.186 on port 4000 TCP: $ telnet 146.59.132.186 4000 Trying 146.59.132.186… Connected to 146.59.132.186. Escape character… Читать далее XpertRAT botnet controller @146.59.132.186

$ host redirectinformationaccess14423.com redirectinformationaccess14423.com has address 141.95.55.102

The host at this IP address is currently being used to distribute malware. Malware distribution located here: hXXp://188.165.62.10/44461.8020041667.dat $ nslookup 188.165.62.10 tv0n.gaurented.com