137.184.39.50|support-citi-b8.com|2022-02-09 21:42:15 137.184.39.50|support-citi-e5.com|2022-02-10 02:16:26 137.184.39.50|support-citi-r6.com|2022-02-10 04:26:08
Malware distribution @54.235.58.2
The host at this IP address is currently being used to distribute malware. Malware distribution located here: hXXp://54.235.58.2/2/Ps1HDF.txt $ nslookup 54.235.58.2 ec2-54-235-58-2.compute-1.amazonaws.com
Malware botnet controller @185.251.88.161
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 185.251.88.161 on port 443: $ date && curl -ILk https://185.251.88.161/ Thu Feb 10 04:43:47 UTC 2022… Читать далее Malware botnet controller @185.251.88.161
Malware botnet controller @185.251.88.161
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 185.251.88.161 on port 443: $ telnet 185.251.88.161 443 Trying 185.251.88.161… Connected to 185.251.88.161. Escape character is… Читать далее Malware botnet controller @185.251.88.161
spam source
[!] This SBL record is to show an example of ongoing network abuse. It currently is not being published in the SBL list, but is instead being presented on the webpage so that the network owner has evidence to investigate and correct the problem. w 54.240.26.9 a26-9.smtp-out.us-west-2.amazonses.com «a26-9.smtp-out.us-west-2.amazonses.com» 2022-02-08T20:30:00Z (+/-10 min) 54.240.26.9/32 (54.240.26.9 .. 54.240.26.9)… Читать далее spam source
Malware / Botnet / Phishing hosting server @45.10.244.129
According to our telemetry and our own intelligence, the host at this IP address has been setup by cyber criminals for the exclusive purpose of hosting phishing sites, malware distribution sites and/or botnet controllers. We therefore advise our users to block any traffic from/to this IP address. Malware botnet controller located at 45.10.244.129 port 443… Читать далее Malware / Botnet / Phishing hosting server @45.10.244.129
Smoke botnet controller and malware distribution @193.124.118.116
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Smoke Loader botnet controller located at 193.124.118.116 on port 80 (using HTTP POST): hXXp://file-coin-host-12.com/ file-coin-host-12.com. 600 IN A 193.124.118.116 Referencing malware binaries (MD5 hash): 709cdc8f1ffceb73206dec78221d895e — AV… Читать далее Smoke botnet controller and malware distribution @193.124.118.116
expertappdeveloper.com (SEO/appdev/webdev)
This IP address is sending spam for the owners of the domain expertappdeveloper.com. This domain belongs to an India-based web and application developer. The spammer is spamming email addresses scraped from Whois records. The domain expertappdeveloper.com is apparently registered by Aliyun, but Aliyun’s whois server indicates that the domain does not exist. So this domain… Читать далее expertappdeveloper.com (SEO/appdev/webdev)
expertappdeveloper.com (SEO/appdev/webdev)
This IP address hosts the A record, MX record, and website of the domain expertappdeveloper.com. This domain belongs to an India-based web and application developer. The spammer is spamming email addresses scraped from Whois records. The domain expertappdeveloper.com is apparently registered by Aliyun, but Aliyun’s whois server indicates that the domain does not exist. So… Читать далее expertappdeveloper.com (SEO/appdev/webdev)
spam source
Spam source. Same spammer previously on 5.188.158.{69,212}. ======================================================================= Return-Path: <> Received: from viata.es (unknown [37.9.13.169]) by x (Postfix) with ESMTP id x for <x>; Wed, 9 Feb 2022 xx:xx:xx +0100 (CET) MIME-Version: 1.0 From:Home Depot <dealspromo@x.hosakomatel.co.nl> Subject:CLAlM Your Free Dyson Vacuum NOW! Reply-To: reply_to@waketech.xx To: x Content-Transfer-Encoding: 7bit Content-Type: text/html; charset=UTF-8 Date: Wed, 09 Feb… Читать далее spam source