Spammer hosting @172.67.128.114

Spammer hosting located here:
https://altafxcom.s3.eu-central-1.amazonaws.com/malta.html
-> https://dabsavy.com/0/0/0/X/
—> https://soltesperanza.com/X
—> https://racingventured.com/X
—-> https://voldrips.com/click?trvid=X
——> https://thiswaytotheinternet.com/?a=X
——> https://hitthattarget.com/?a=X
——-> https://try.comeandtake5.com/ch/?o=X

$ dig +short hitthattarget.com
104.28.8.8
104.28.9.8
172.67.128.114

Spam sample
=================================
Received: from discoveryvip.com (unknown [5.188.108.162])
by X(Postfix) with ESMTP id X
for <X>; Fri, 11 Sep 2020 X
Precedence: Bulk
To: X
Reply-To: =?utf-8?Q?Spar?= <info@postfinance.ch>
From: =?utf-8?Q?Spar?= <info@postfinance.ch>
Subject: =?utf-8?Q?Wir=20haben=20eine=20=c3=9cberraschung=20f=c3=bcr=20SPAR=20Shopper=21?=
X-priority: 1
Content-Type: text/html; charset=UTF-8
Precedence: Bulk
Content-Transfer-Encoding: quoted-printable
Message-Id: <X.X@discoveryvip.com>
Date: Fri, 11 Sep 2020 X

<h3 style=3D»text-align: center;»><span style=3D»font-size: 300%;»><a href=
=3D»https://altafxcom.s3.eu-central-1.amazonaws.com/malta.html» target=3D»_=
blank» rel=3D»noopener»><span style=3D»color: #008000;»> <span style=3D»col=
or: #cc0001;»>Wir haben eine =C3=9Cberraschung f=C3=BCr SPAR Shopper!</span=
> </span></a></span></h3>
<p><a href=3D»https://altafxcom.s3.eu-central-1.amazonaws.com/malta.html» t=
arget=3D»_blank» rel=3D»noopener»><img style=3D»display: block; margin-left=
: auto; margin-right: auto;» src=3D»https://i.imgur.com/ZdAfZKG.png» alt=3D=
«» width=3D»768″ height=3D»698″ /></a></p>
=================================

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *