Google hosts the A record and MX server for the domain compliancetrainings.com, which appears as a dropbox email address in spam sent by "QRC Expert". Received: from a27-140.smtp-out.us-west-2.amazonses.com (a27-140.smtp-out.us-west-2.amazonses.com [54.240.27.140]) Date: Thu, 23 Jul 2020 16:##:## +0000 From: QRC Expert<info@compliance.trainingevent.online> Subject: Understanding and Implementing a QbD Program <snip> Phone : +1 416 915 4438 Email…
Author: blog
Abused / misconfigured newsletter service (listbombing)
The host at this IP address is being (ab)used to "listbomb" email addresses:

From: sega503store@gmail.com
Subject: NITRILE GLOVES AVAILABLE!

Problem description
============================
Spammers signed up for the bulk email service using the victim’s email address. As a result, the victim is being "listbombed" with transactional messages and bulk email campaigns.

Problem resolution
============================
In order…
Malware distribution @172.217.168.240
The host at this IP address (172.217.168.240) is either operated by cybercriminals or hosting compromised websites that are being used to distribute malware. AS number: AS15169 AS name: GOOGLE Hostname: ams15s40-in-f16.1e100.net
Malware distribution @35.208.76.36
The host at this IP address (35.208.76.36) is either operated by cybercriminals or hosting compromised websites that are being used to distribute malware: http://brightmega.com/cache/private_zeb4_nzjs3s8v/external_xbhvxe369t6xb_ydlcm/pGuvmo_54f4Htwqj8m/ http://brightmega.com/cache/4796464711-W34GmPVg-Aaw2cPs-DjxjfHyL6rB5/individual-space/31626648-dvlhJGMo/ AS number: AS15169 AS name: GOOGLE Hostname: 36.76.208.35.bc.googleusercontent.com
Malware distribution @35.214.236.120
The host at this IP address (35.214.236.120) is either operated by cybercriminals or hosting compromised websites that are being used to distribute malware: https://detorre.es/mails/balance/ https://detorre.es/mails/browse/7qixp9/9zvqvws98390902ebh2jx0n2kl2ny/ AS number: AS15169 AS name: GOOGLE Hostname: 120.236.214.35.bc.googleusercontent.com
Malware distribution @35.209.176.170
The host at this IP address (35.209.176.170) is either operated by cybercriminals or hosting compromised websites that are being used to distribute malware: https://pacwebdesigns.com/images/closed-crln3-qr0sbu6ugbujz6vz/security-4OBwJnc6nb-91UqphUJiClf3/49329729025825-7TuvZ/ https://pacwebdesigns.com/images/5mu613-mat6-3245/ AS number: AS15169 AS name: GOOGLE Hostname: 170.176.209.35.bc.googleusercontent.com
Malware distribution @35.214.158.157
The host at this IP address (35.214.158.157) is either operated by cybercriminals or hosting compromised websites that are being used to distribute malware: https://simoneporzi.it/wp-snapshots/lm/10mcf1ow73i/ AS number: AS15169 AS name: GOOGLE Hostname: 157.158.214.35.bc.googleusercontent.com
Malware distribution @35.206.120.183
The host at this IP address (35.206.120.183) is either operated by cybercriminals or hosting compromised websites that are being used to distribute malware: http://jpwoodfordco.com/admin/browse/bx26825943sntgqf4q3nlr5a/ AS number: AS15169 AS name: GOOGLE Hostname: 183.120.206.35.bc.googleusercontent.com
Malware distribution @35.214.157.240
The host at this IP address (35.214.157.240) is either operated by cybercriminals or hosting compromised websites that are being used to distribute malware: http://equimination.ee/wp-admin/invoice/abi75j3yqxm/8rmu42281152247jy0ayb7kygbzigyw/ AS number: AS15169 AS name: GOOGLE Hostname: 240.157.214.35.bc.googleusercontent.com
Apple Phishing Landing sites:
2021.08.04: 1272 domains; a sample check shows that something lives there, but there are no actual URLs to test with.
2020.09.01: "…" Even more domains are now here, as they cycle through a domain a day with lots of garbage hosts. …