Spammer hosting @172.217.168.36

Spammer hosting located here:
http://www.google.com/url?q=http%3A%2F%2Fgo.tipirock4.com%2F0e42&sa=D&Hg=Mh&usg=AFQjCNFU9A-BJV6zo6zbiu_s4SpbUgqfZQ
-> http://go.tipirock4.com/0e42
—> http://de.bitcoin-now.tipirock4.com/?session=X

$ dig +short www.google.com
172.217.168.36

Spam sample
===========================================
Received: from sv1344.xserver.jp (sv1344.xserver.jp [183.90.250.45])
by X (Postfix) with ESMTPS id X
for <X>; Sat, 19 Jun 2021 11:26:11 +0000 (UTC)
Received: from virusgw10.xserver.jp (virusgw10.xserver.jp [183.90.250.243])
by sv1344.xserver.jp (Postfix) with ESMTP id X
for <X>; Sat, 19 Jun 2021 X
Received: from sv1344.xserver.jp (183.90.250.45)
by virusgw10.xserver.jp (F-Secure/fsigk_smtp/521/virusgw10.xserver.jp);
Sat, 19 Jun 2021 20:26:09 +0900 (JST)
X-Virus-Status: clean(F-Secure/fsigk_smtp/521/virusgw10.xserver.jp)
Received: by sv1344.xserver.jp (Postfix, from userid 20014)
id X; Sat, 19 Jun 2021 X
To: X
Subject: ??
Date: Sat, 19 Jun 2021 X
From: =?UTF-8?B?5L2Q5Lyv6Zu76Kit?= <info@saeki-densetsu.com>
Message-ID: <X@www.saeki-densetsu.com>
X-Mailer: PHPMailer 5.2.22 (https://github.com/PHPMailer/PHPMailer)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

差出人: LamarFlurl <X>
題名: ??

メッセージ本文:
All you need is at your fingertips, do not hesitate! Invest $ 256 and get passive income of $ 3700 per day >>>>>>>>>>>>>> http://www.google.com/url?q=http%3A%2F%2Fgo.tipirock4.com%2F0e42&sa=D&Hg=Mh&usg=AFQjCNFU9A-BJV6zo6zbiu_s4SpbUgqfZQ <<<<<<<<<<<

内容を確認しましたら折り返しご連絡を差し上げます。
よろしくお願いいたします。
===========================================

Опубликовано
В рубрике google.com

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *