Spam sources. Same spammer previously on 5.188.158.{69,212}. ======================================================================= Return-Path: <> Received: from viata.es (unknown [37.9.13.173]) by x (Postfix) with ESMTP id x for <x>; Wed, 9 Feb 2022 xx:xx:xx +0000 (UTC) MIME-Version: 1.0 From:Home Depot <dealspromo@x.hosakomatel.co.nl> Subject:CLAlM Your Free Dyson Vacuum NOW! Reply-To: reply_to@waketech.xx To: x Content-Transfer-Encoding: 7bit Content-Type: text/html; charset=UTF-8 Date: Wed, 09 Feb… Читать далее spam sources
spam source
Spam source. Same spammer previously on 5.188.158.{69,212}. ======================================================================= Return-Path: <> Received: from viata.es (unknown [37.9.13.222]) by x (Postfix) with ESMTP id x for <x>; Wed, 9 Feb 2022 xx:xx:xx +0000 (UTC) MIME-Version: 1.0 From:Home Depot <dealspromo@x.hosakomatel.co.nl> Subject:CLAlM Your Free Dyson Vacuum NOW! Reply-To: reply_to@waketech.xx To: x Content-Transfer-Encoding: 7bit Content-Type: text/html; charset=UTF-8 Date: Wed, 09 Feb… Читать далее spam source
Credit card fraud gang hosting (DNS): idinaxui-netspama.ru (vmad.su / amazingdumpsshop.ru / cvv-fullz-shop.ru etc.)
Stolen credit card data websites (DNS servers): ns1.idinaxui-netspama.ru. 7168 IN A 135.125.234.148 ns2.idinaxui-netspama.ru. 7159 IN A 139.99.247.43 ___________________ Was: ns1.idinaxui-netspama.ru. 7168 IN A 45.143.137.30 ns2.idinaxui-netspama.ru. 7159 IN A 198.244.220.111 ___________________ Was: ns1.idinaxui-netspama.ru. 7168 IN A 95.142.47.156 ns2.idinaxui-netspama.ru. 7159 IN A 87.251.79.161 ___________________ Was: ns1.idinaxui-netspama.ru. 7168 IN A 185.105.118.106 ns2.idinaxui-netspama.ru. 7159 IN A 2.57.186.170 ___________________ Was:… Читать далее Credit card fraud gang hosting (DNS): idinaxui-netspama.ru (vmad.su / amazingdumpsshop.ru / cvv-fullz-shop.ru etc.)
Credit card fraud gang hosting (DNS): idinaxui-netspama.ru (vmad.su / amazingdumpsshop.ru / cvv-fullz-shop.ru etc.)
Stolen credit card data websites (DNS servers): ns1.idinaxui-netspama.ru. 7168 IN A 135.125.234.148 ns2.idinaxui-netspama.ru. 7159 IN A 139.99.247.43 ___________________ Was: ns1.idinaxui-netspama.ru. 7168 IN A 45.143.137.30 ns2.idinaxui-netspama.ru. 7159 IN A 198.244.220.111 ___________________ Was: ns1.idinaxui-netspama.ru. 7168 IN A 95.142.47.156 ns2.idinaxui-netspama.ru. 7159 IN A 87.251.79.161 ___________________ Was: ns1.idinaxui-netspama.ru. 7168 IN A 185.105.118.106 ns2.idinaxui-netspama.ru. 7159 IN A 2.57.186.170 ___________________ Was:… Читать далее Credit card fraud gang hosting (DNS): idinaxui-netspama.ru (vmad.su / amazingdumpsshop.ru / cvv-fullz-shop.ru etc.)
Socelars botnet controller @161.97.64.205
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Socelars botnet controller located at 161.97.64.205 on port 80 (using HTTP POST): hXXp://www.mkpmc.com/ $ dig +short www.mkpmc.com 161.97.64.205 $ nslookup 161.97.64.205 vmi779689.contaboserver.net Referencing malware binaries (MD5 hash):… Читать далее Socelars botnet controller @161.97.64.205
Loki botnet controller @172.67.197.66
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Loki botnet controller located at 172.67.197.66 on port 80 (using HTTP POST): hXXp://asiaoil.bar//bobby/five/fre.php $ dig +short asiaoil.bar 172.67.197.66 Referencing malware binaries (MD5 hash): 98370a11c6df87e4e76bfb1421c2f187 — AV detection:… Читать далее Loki botnet controller @172.67.197.66
Loki botnet controller @104.21.49.244
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Loki botnet controller located at 104.21.49.244 on port 80 (using HTTP POST): hXXp://asiaoil.bar//bobby/five/fre.php $ dig +short asiaoil.bar 104.21.49.244 Referencing malware binaries (MD5 hash): c82c6bdb3e6c126ed700415933fa5799 — AV detection:… Читать далее Loki botnet controller @104.21.49.244
Loki botnet controller @188.114.96.15
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Loki botnet controller located at 188.114.96.15 on port 80 (using HTTP POST): hXXp://hfjv9g950bag53fcbcdnbcbnmhy35zch.ga/Marshall/fre.php $ dig +short hfjv9g950bag53fcbcdnbcbnmhy35zch.ga 188.114.96.15 Referencing malware binaries (MD5 hash): 01dfa2db4bfb87e5a5d2d4e5d8c00f5f — AV detection:… Читать далее Loki botnet controller @188.114.96.15
Loki botnet controller @104.21.57.109
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Loki botnet controller located at 104.21.57.109 on port 80 (using HTTP POST): hXXp://frostandkeelinginc.cf/Ausin1/fre.php $ dig +short frostandkeelinginc.cf 104.21.57.109 Referencing malware binaries (MD5 hash): 051af1d7d4c27b66225897eaac5bd11f — AV detection:… Читать далее Loki botnet controller @104.21.57.109
Loki botnet controller @104.21.57.109
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Loki botnet controller located at 104.21.57.109 on port 80 (using HTTP POST): hXXp://frostandkeelinginc.cf/Ausin1/fre.php $ dig +short frostandkeelinginc.cf 104.21.57.109 Referencing malware binaries (MD5 hash): 051af1d7d4c27b66225897eaac5bd11f — AV detection:… Читать далее Loki botnet controller @104.21.57.109