Malware botnet controller @145.239.201.32
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 145.239.201.32 on port 443: $ telnet 145.239.201.32 443 Trying 145.239.201.32… Connected to 145.239.201.32. Escape character is '^]' ads-memory.biz. 60 IN A 145.239.201.32…
Malicious DNS server. eyopolis.biz
20.83.234.89 is currently in use as a nameserver for spamvertized domains. This enables the resolving of spammed domains to the actual websites. This SBL record can only be removed if 20.83.234.89 stops answering DNS queries for spamvertized domain names. 2 Nameservers seen on 20.83.234.89: NS1.EYOPOLIS.BIZ — 19ero.com — 5star-equipment.com — adauthservices.com — adcldservices.com — adminauthserve.com…
Malware / Botnet / Phishing hosting server @176.119.147.47
According to our telemetry and our own intelligence, the host at this IP address has been set up by cyber criminals for the exclusive purpose of hosting phishing sites, malware distribution sites and/or botnet controllers. We therefore advise our users to block any traffic from/to this IP address. Malware botnet controller located at 176.119.147.47 on port…
Malware distribution & malware botnet controller @176.119.147.41
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 176.119.147.41 on port 443 TCP: $ telnet 176.119.147.41 443 Trying 176.119.147.41… Connected to 176.119.147.41. Escape character…
Malware botnet controller @185.185.68.245
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 185.185.68.245 on port 443: $ telnet 185.185.68.245 443 Trying 185.185.68.245… Connected to 185.185.68.245. Escape character is…
Loki botnet controller @185.185.69.76
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Loki botnet controller located at 185.185.69.76 on port 80 (using HTTP POST): hXXp://secure01-redirect.net/gc5/fre.php secure01-redirect.net. 600 IN A 185.185.69.76 Referencing malware binaries (MD5 hash): 551b922ffeac1a93a892a5b15f4465ee — AV detection:…
Malware botnet controllers @185.251.91.108
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 185.251.91.108 on port 443: $ telnet 185.251.91.108 443 Trying 185.251.91.108… Connected to 185.251.91.108. Escape character is…
spam emitters
Received: from s6.goronet.ru (s6.goronet.ru [82.148.4.139]) Date: Sat, 22 Jan 2022 16:0x:xx +0000 From: Aleksandr <info@s6.goronet.ru> Subject: Предложение 82.148.4.130 goronet.ru 82.148.4.132 goronet.ru 82.148.4.138 goronet.ru 82.148.4.139 goronet.ru
Spamvertised websites
2022-01-27 gotogml.com. 60 IN A 194.87.1.5 2022-01-26 gotogml.com. 60 IN A 194.87.1.3 2022-01-26 gotogml.com. 60 IN A 85.208.186.181 2022-01-24 gotogml.com. 60 IN A 194.87.1.2 2022-01-22 gotogml.com. 60 IN A 194.87.185.76 2022-01-20 gotogml.com. 60 IN A 194.87.185.11 2022-01-18 gotogml.com. 60 IN A 5.188.160.30 Received: from iustocouny.newdom.com (20.77.57.222) Date: Mon, 17 Jan 2022 12:34:00 +0000 From: 💖💖…
Spamvertised website
2022-02-01 gotogml.com. 60 IN A 194.87.1.4 2022-01-31 gotogml.com. 60 IN A 194.87.1.5 2022-01-20 gotogml.com. 60 IN A 194.87.185.11 2022-01-18 gotogml.com. 60 IN A 5.188.160.30 Received: from iustocouny.newdom.com (20.77.57.222) Date: Mon, 17 Jan 2022 12:34:00 +0000 From: 💖💖 Charming Russian Girls 💖💖 <> Subject: Find Your Russian Girl Who is Your Destiny 😍😍 https://storage.googleapis.com/emsidan/clickk.html#[] 142.250.65.80 http://gotogml.com/track/[]…