The host at this IP address is currently being used to distribute malware. Malware distribution located here: hXX://daferton.top/30fdh3fdh/update1.dll daferton.top. 300 IN A 188.114.96.0 daferton.top. 300 IN A 188.114.97.0
Malware distribution @188.114.97.0
The host at this IP address is currently being used to distribute malware. Malware distribution located here: hXX://daferton.top/30fdh3fdh/update1.dll daferton.top. 300 IN A 188.114.96.0 daferton.top. 300 IN A 188.114.97.0
spam emitters
Received: from s3.goronet.ru (s3.goronet.ru [82.202.237.141]) Date: Tue, 8 Feb 2022 13:2x:xx +0000 From: Aleksandr <info@s3.goronet.ru> Subject: Предложение 82.202.237.138 goronet.ru 82.202.237.139 goronet.ru 82.202.237.140 goronet.ru 82.202.237.141 goronet.ru 82.202.237.142 goronet.ru
Cybercrime sites
34.65.197.40 briankrebs.cm 2022-02-07 13:01:01 34.65.197.40 briansclub.cm 2022-02-08 01:25:33 34.65.197.40 marketo.best 2022-02-08 12:08:53 34.65.197.40 marketo.cash 2022-02-08 12:09:48 34.65.197.40 marketo.center 2022-02-08 12:08:22 34.65.197.40 marketo.city 2022-02-08 12:08:51 34.65.197.40 marketo.cloud 2022-02-08 12:08:16 _______________________________ Was: marketo.best. 600 IN A 195.43.142.213 marketo.cash. 600 IN A 195.43.142.213 marketo.city. 600 IN A 195.43.142.213 _______________________________ Was: 193.178.172.74 marketo.best 2022-02-07 22:07:06 193.178.172.74 marketo.cash 2022-02-07 22:06:31… Читать далее Cybercrime sites
Carding fraud tool site: luxchecker.pm / luxchecker.pw etc.
Selling balance checking to stolen credit card cybercriminals: «CC/DUMPS/AVS/BALANCE/PAYPAL CARD Checker. « https://luxchecker.pm/ https://luxchecker.pw/ luxchecker.pm. 600 IN A 141.8.193.24 luxchecker.pw. 600 IN A 141.8.193.24 ___________________ Was: luxchecker.pm. 600 IN A 87.249.44.194 luxchecker.pw. 600 IN A 87.249.44.194 ___________________ Was: luxchecker.pm. 600 IN A 176.118.165.21 luxchecker.pw. 600 IN A 176.118.165.21 ___________________ Was: luxchecker.pm. 600 IN A 93.189.42.131… Читать далее Carding fraud tool site: luxchecker.pm / luxchecker.pw etc.
AsyncRAT botnet controller @20.111.34.199
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 20.111.34.199 on port 1604 TCP: $ telnet 20.111.34.199 1604 Trying 20.111.34.199… Connected to 20.111.34.199. Escape character… Читать далее AsyncRAT botnet controller @20.111.34.199
Malware botnet controller @18.222.122.216
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 18.222.122.216 on port 80 (using HTTP POST): hXXp://18.222.122.216/Contador/serv.php $ nslookup 18.222.122.216 ec2-18-222-122-216.us-east-2.compute.amazonaws.com
Spamvertised website
Received: from orangepix.it (66.152.162.73) Date: Tue, 8 Feb 2022 06:3x:xx -0500 From: 🔴 ʀᴇfɪɴᴀɴsɪᴇʀ ᴅᴇɴ ᴅʏʀᴇ sᴍÅɢᴊᴇʟᴅᴇɴ <[]> Subject: FLEKSIBLE 0G USIKREDE LÅN INNTIL 5OO,OOO KR https://shoutout.wix.com/so/[] 185.230.63.199 https://s3.amazonaws.com/retraitesdfgsrsz/[] 54.231.137.168 http://madesurf.com/qs=[] 66.85.46.254 https://koffdeal.com/?a=1478&oc=11217&c=32713&m=3&s1=[]&s2=[]&s3=55 35.204.100.162 https://vijfhoof.com/?a=1478&oc=11217&c=32713&m=3&s1=[]&s2=[]&s3=55&ckmguid=[] 35.204.23.131 https://finansnord.no/?&clickid=[]&campaign=1050&affid=1478 172.105.93.105
Cybercrime sites
marketo.best. 600 IN A 195.43.142.213 marketo.cash. 600 IN A 195.43.142.213 marketo.city. 600 IN A 195.43.142.213 _______________________________ Was: 193.178.172.74 marketo.best 2022-02-07 22:07:06 193.178.172.74 marketo.cash 2022-02-07 22:06:31 193.178.172.74 marketo.city 2022-02-07 22:07:04 193.178.172.74 marketo.cloud 2022-02-08 04:06:24 _______________________________ Was: kraten.info. 600 IN A 185.212.148.175 185.212.148.175 marketo.best 2022-01-31 15:31:59 185.212.148.175 marketo.cash 2022-01-31 15:12:25 185.212.148.175 marketo.center 2022-02-01 16:22:03 185.212.148.175 marketo.city 2022-01-31… Читать далее Cybercrime sites
Spamvertised website
Received: from dispatchb-us1.ppe-hosted.com (45.153.231.123) Date: Mon, 07 Feb 2022 21:5x:xx +0000 From: iPad Pro, iPad Pro <info@mail.socialdeal.nl> Subject: RE: U bent gekozen om gratis deel te nemen aan ons loyaliteitsprogramma! http://protected.digital/rd/[] 192.236.147.189 https://yellowheating.com/[] 193.124.15.153 https://jumblemumble.com/?s1=350712&s2=[]&s3=2466&s4=0&s10=25 172.67.214.60 https://unisonoverpas.com/[] 172.67.179.168 https://beastupz.com/click?s2=[]&s1=350712&s3=2466&trvid=10434 54.82.90.61 https://coupvariant.com/?a=162&c=3957&s2=[] 172.67.215.131 https://slim.footballgreethem.com/nl-nl/?o=3998&r=[]&a=162&sa= 104.21.51.16 https://payment.ohmyzpot.com/0ab9e/gateway.html?sid=[] 188.114.97.0