|
![]() |
|||||||
![]()
![]()
![]() |
![]() SBL203551 91.209.12.114 a2b-internet.com 2013-11-12 Malware botnet controller @91.209.12.114 SBL202971 91.209.12.133 a2b-internet.com 2013-11-05 Spammer DNS server @91.209.12.133 SBL202966 91.209.12.138 a2b-internet.com 2013-11-06 Blackhat SEO spammer service @91.209.12.138 SBL202761 91.209.12.102/31 a2b-internet.com 2014-01-13 Spammer hosting: botmasterlabs.net SBL202760 91.209.12.66 a2b-internet.com 2013-11-07 Fake drug server: erectiemiddelenshop.nl SBL202759 91.209.12.0/24 a2b-internet.com 2014-07-02 James Carner / eHygienics ZYZTM & BotmasterLabs.Net & other spammers SBL202575 91.209.12.137 a2b-internet.com 2013-11-02 Blackhat SEO spammer service @91.209.12.137 SBL202501 91.209.12.116 a2b-internet.com 2013-11-02 Malware botnet controller @91.209.12.116 SBL200968 91.209.12.125 a2b-internet.com 2013-10-19 Spamvertised website hosting SBL198074 91.209.12.79 a2b-internet.com 2013-10-21 Chuck An / iomega iomegaone.com SBL154882 91.209.12.1 tinet.net 2012-11-29 Feed to CB3ROB (AS30890) & IDEAR4BUSINESS (AS12327) >>> AS3257 SBL105803 91.209.12.0/24 cb3rob.net 2013-06-12 Suspect block, related to: AS34109/AS51787 (CB3ROB) _________________________________ eg: The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 91.209.12.114 on port 3300 TCP: $ telnet 91.209.12.114 3300 Trying 91.209.12.114... Connected to 91.209.12.114. Escape character is '^]' $ nslookup 91.209.12.114 a114-12-209-91.zyztm.com Other malicious domain names hosted on this IP address: dq.xyzproxies1123.ru 91.209.12.114 dq.xxyzabsproxies.com 91.209.12.114 Referencing malware binaries: 4029b92b86cb5442af67f8c0d2754431 - AV detection: 10/46 (21.74%) 5768efe1a85733d51d5ccbaf17201cc3 - AV detection: 15/46 (32.61%) d07cd9c885edf585dbd1d1009ee07457 - AV detection: 41/46 (89.13%) e2d780caf7e1ad4327bdc95e5a37cac3 - AV detection: 26/47 (55.32%) ________________________ inetnum: 91.209.12.0 - 91.209.12.255 netname: ZYZTM descr: ZYZTM Research Division #10 B.V. country: NL org: ORG-ZR3-RIPE admin-c: ZYRE1-RIPE tech-c: ZYXE1-RIPE status: ASSIGNED PI mnt-by: RIPE-NCC-END-MNT mnt-by: ZYZTM-MNT mnt-lower: RIPE-NCC-END-MNT mnt-routes: ZYZTM-MNT mnt-domains: ZYZTM-MNT source: RIPE # Filtered organisation: ORG-ZR3-RIPE org-name: ZYZTM Research Division #10 B.V. org-type: OTHER address: Apeldoornseweg 53 address: NL-8172 EH address: Vaassen address: The Netherlands e-mail: hostmaster@zyztm.com mnt-ref: ZYZTM-MNT mnt-by: ZYZTM-MNT source: RIPE # Filtered role: ZYZTM NOC address: ZYZTM Research Division #10 B.V. address: Apeldoornseweg 53 address: NL-8172 EH address: Vaassen address: The Netherlands mnt-by: ZYZTM-MNT e-mail: hostmaster@zyztm.com admin-c: ZYXE1-RIPE tech-c: ZYRE1-RIPE nic-hdl: ZYRE1-RIPE source: RIPE # Filtered person: Ing H.J. Xennt address: ZYZTM Research #10 B.V. address: Apeldoornseweg 53 address: NL-8172 EH address: Vaassen address: The Netherlands mnt-by: ZYZTM-MNT e-mail: xennt@zyztm.com phone: +31 113 323330 nic-hdl: ZYXE1-RIPE source: RIPE # Filtered % Information related to '91.209.12.0/24AS34109' route: 91.209.12.0/24 descr: ZYZTM-ROUTE origin: AS34109 mnt-by: ZYZTM-MNT source: RIPE # Filtered _______________ _______________________________________ |
||||||
![]() The Register of Known Spam Operations (ROKSO) collates information and evidence on entities with a history of spamming or providing spam services, and entities affiliated or otherwise connected with them, for the purpose of assisting ISP Abuse Desks and Law Enforcement Agencies. |
![]() |
|