
6/07/2014

MALICIOUS UKRAINIAN BLOG VISITOR TO THIS SITE:
Domain: www.trustcombat.com
IP: 193.169.86.16
Both listed at SPAMHAUS (CBL & DBL)
Darkmailer, DirectMailer, r57shell



MALICIOUS UKRAINIAN BLOG VISITOR
DOMAIN:
http://www.trustcombat.com/
  • https://www.virustotal.com/de/url/2cf65d9d85697456c083934f86a3ff2ebe33957bdeb4a46bfcfade3757943dba/analysis/1402156166/
  • https://www.virustotal.com/de/file/7c480e29f808effb1f06aa2dfd0a97a3192fc649293ecb39679716f16c000a1a/analysis/1402155972/
SPECIFIC VISITING LINK:
http://www.trustcombat.com/faq.htm
  • https://www.virustotal.com/de/url/f82e2bab033491836777d7b66c735884473f12a8f2bc05cb94994411ab0729cc/analysis/
  • https://www.virustotal.com/de/file/dac8b8d3f068796c7eda0e4fc1e529c151fc069f0788ac2992f166f47a47b944/analysis/1402155861/
LISTED AT SPAMHAUS (DBL):
  • http://www.spamhaus.org/query/domain/trustcombat.com
SEE ALSO:
  • http://zulu.zscaler.com/submission/show/3c2cb0b556a921a810249fdbc9203e5a-1402155759
  • https://www.mywot.com/en/scorecard/trustcombat.com
ALSO:
Nginx Server SOFTWARE OUTDATED. VULNERABLE!
IP:
http://193.169.86.16/
  • https://www.virustotal.com/de/url/71b23f991cac80f7ca367f2d91c835c62b6b6bdb1e15965813640c1172e91429/analysis/1402157283/
  • https://www.virustotal.com/de/file/2c16cd2a73dd803fda6f64ad50e507d0d6e72474036008c13e01bbd188f22a75/analysis/1402157590/
  • https://www.virustotal.com/de/ip-address/193.169.86.16/information/

The IP Address 193.169.86.16 (IP LOCATION: Ukraine) is listed in the CBL (Composite Blocking List). It appears to be infected with a spam sending trojan, proxy and/or some other form of botnet. It was last detected at 2014-06-06 07:00 GMT (+/- 30 minutes), approximately 1 days, 9 hours, 29 minutes ago.

It has been relisted following a previous removal at 2014-06-01 06:17 GMT (6 days, 10 hours, 21 minutes ago).

This IP is sending email in such a way to indicate that it is, or is NATting for a web server that is infected with a spam sending script, like Darkmailer, DirectMailer, r57shell, or some analogous Perl, PHP or CGI script.

IP LISTED AT SPAMHAUS (CBL):
  • http://www.spamhaus.org/query/bl?ip=193.169.86.16
  • http://cbl.abuseat.org/lookup.cgi?ip=193.169.86.16
EMAIL REP: POOR
  • http://www.senderbase.org/lookup/?search_string=193.169.86.16

New Jersey's ONLINE CHILD PREDATORS 2011:
Ronald Oshrin, 50, of Budd Lake, New Jersey
Sentenced to 15 years Federal Prison
for recording children with Hidden Cameras


A computer consultant from Budd Lake has been sentenced to 15 years in prison for installing hidden cameras in his Morris County home and then using the cameras to secretly record young girls who were nude or undressing. While admitting to his crime in December 2011, Ronald Oshrin, 50, pleaded guilty before U.S. District Judge Joseph H. Rodriguez to production of child pornography. Judge Rodriguez imposed the sentence in federal court in Camden.

At the time the initial charges were brought in April 2012 against Oshrin – who is married with children – his lawyer said his client had 23 years of experience as a computer consultant with "the veteran's administration." Oshrin has admitted, according to authorities, that between 2007 and April 2012, he installed hidden cameras in a bedroom and a bathroom of his home in order to record nine young girls in various states of undress.

He's also admitted to editing the videos to produce still photographs, authorities say, as well as to distributing videos and the still photographs of the girls over the internet.

In addition, authorities said, Oshrin admitted to having sexual contact with certain minors.

According to an FBI-signed complaint made public in April 2012, agents spoke with Oshrin and he allegedly told them that he "regularly downloads child pornography from various websites on the internet."


The complaint can be found here (.pdf):
http://www.justice.gov/usao/nj/Press/files/pdffiles/2012/Oshrin,%20Ronald%20Complaint.pdf

In addition, the complaint alleged that “he also regularly distributed child pornography through various methods including direct e-mail and posting on known child pornography sites and file sharing sites.”

The complaint also alleged that "when pre-pubescent girls were in the bathroom or bedroom, (Oshrin) would monitor the cameras and make video recordings of the girls ... disrobing, using the shower or using the toilet.

"Because he installed multiple cameras ... it allowed video production from various angles and allowed him to focus on specific areas of interest," the complaint said.

SOURCE: http://www.nj.com

ADDITIONAL LINKS:
  • http://www.fbi.gov/newark/press-releases/2012/man-who-allegedly-recorded-girls-with-hidden-camera-faces-federal-child-pornography-charge
  • http://www.nj.com/news/index.ssf/2012/04/morris_county_man_accused_of_u.html

6/01/2014

Category MALICIOUS IP: 217.106.230.143
Infected with CONFICKER Botnet & Dictionary Attacker
CBL Listed (Russian Federation)


The IP Address 217.106.230.143 is listed in the CBL. It appears to be infected with a spam sending trojan, proxy or some other form of botnet.


It was last detected at 2014-06-01 09:00 GMT (+/- 30 minutes), approximately 3 hours ago.

This IP is infected (or NATting for a computer that is infected) with the Conficker botnet.

---------------------------------------------------------------------------------------------------------------------------------------------

IP:
http://217.106.230.143/
  • https://www.virustotal.com/de/url/2eec4640667c218ae8a6a9da97422083720b4477387dfcc59e569bd0d014d424/analysis/1401473689/
  • https://www.virustotal.com/de/ip-address/217.106.230.143/information/
Listed at SPAMHAUS (CBL):
  • http://www.spamhaus.org/query/bl?ip=217.106.230.143
Listed at CBL:
  • http://cbl.abuseat.org/lookup.cgi?ip=217.106.230.143
Listed at Weighted Private Block List:
  • http://www.wpbl.info/cgi-bin/detail.cgi?ip=217.106.230.143
Listed at NiX-Spam:
  • http://www.dnsbl.manitu.net/?language=en
Dictionary Attacker & SPAM Sender:
SPAM MAILS SENT FROM THIS IP: 3.233
  • https://www.projecthoneypot.org/ip_217.106.230.143 
SEE ALSO:
  • http://zulu.zscaler.com/submission/show/dddc53f4ec74d5076fc8be59977acc69
  • http://www.senderbase.org/lookup/?search_string=217.106.230.143
  • http://net.cs.uni-bonn.de/wg/cs/applications/containing-conficker/