Автор: blog

http://blog-formeetingbest-babyes.blogspot.com/ ;; QUESTION SECTION: ;blog-formeetingbest-babyes.blogspot.com. IN A ;; ANSWER SECTION: blog-formeetingbest-babyes.blogspot.com. 3599 IN CNAME blogspot.l.googleusercontent.com. blogspot.l.googleusercontent.com. 299 IN A 142.250.68.97 Received: from mail.mountainroad.de (mail.mountainroad.de [49.12.113.70]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by xx; Mon, 12 Oct 2020 00:22:15 -0400 (EDT) From: Clelia Van Dyk <ali.standerwick@wessexwater.co.uk> DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=wessexwater.co.uk;… Читать далее Using hacked servers to send spam for: blog-formeetingbest-babyes.blogspot.com

Received: from fvwnsuxfjv.co.uk (104.46.231.244 [104.46.231.244]) From: Heart Health Trick <contact.[] Subject: [], THIRTEEN X The Risk Of Heart Attack Due To THIS? Date: Mon, 12 Oct 2020 19:1x:xx +0100 URL: https://storage.googleapis.com/[] Server IP address is 216.58.195.80 => URL: http://r2.azwestern.space/rdt/[] Server IP address is 159.203.56.19 => Location: https://www.airtaryo.com/[] Server IP address is 188.119.120.49 => Location: https://www.efphysio-thirdelement.com/[]/?sub1=[]&sub2=[]… Читать далее Spamvertised website

http://club-4meetingvip-babyes.blogspot.com ;; QUESTION SECTION: ;club-4meetingvip-babyes.blogspot.com. IN A ;; ANSWER SECTION: club-4meetingvip-babyes.blogspot.com.blogspot.com. 3599 IN CNAME blogspot.l.googleusercontent.com. blogspot.l.googleusercontent.com. 299 IN A 142.250.68.97 Received: from mail.ecloud.global (mail.ecloud.global [135.181.85.105]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by xxx; Mon, 12 Oct 2020 17:47:19 -0400 (EDT) Received: from authenticated-user (mail.ecloud.global [127.0.0.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384… Читать далее Using hacked servers to send spam for: club-4meetingvip-babyes.blogspot.com

eg: http://sky-oreoo-71.com/product/sharepoint/verificationAttempt.php sky-oreoo-71.com. 599 IN A 34.89.201.222 hXXp://tracker.co.tz/ Phishing since at least 5/2020 2020-10-09 08:58:59 32q4erfq.top A 34.89.201.222 2020-09-23 20:43:39 32q4erfq.win A 34.89.201.222 2020-09-07 10:03:12 34r5t34r.win A 34.89.201.222 2020-09-12 21:02:05 34r5t34r.xyz A 34.89.201.222 2020-09-13 13:26:58 435r34r345.xyz A 34.89.201.222 2020-09-26 12:28:57 435r34r34r.icu A 34.89.201.222 2020-09-17 13:18:56 435r43r.top A 34.89.201.222 2020-09-27 09:38:51 435r43r.xyz A 34.89.201.222 2020-09-28 14:04:23… Читать далее Hosting phishing domains

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. AZORult botnet controller located at 35.213.160.4 on port 80 (using HTTP POST): hXXp://testwp.warungpencar.com/bp/index.php $ dig +short testwp.warungpencar.com 35.213.160.4 $ nslookup 35.213.160.4 4.160.213.35.bc.googleusercontent.com

Received: from mail.netsec.com.mx (mail.netsec.com.mx [104.36.167.46]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by xx; Wed, 21 Oct 2020 04:22:25 -0400 (EDT) Received: from client.yota.ru [(94.25.181.69)] by mail.netsec.com.mx (104.36.167.46) with ESMTPSA id xx.msg; Wed, 21 Oct 2020 03:22:38 -0500 X-Remote-Spam-Processed: mail.netsec.com.mx, Wed, 21 Oct 2020 03:22:38 -0500 (not processed: message from trusted… Читать далее Sending porn spam via hacked servers: tinder-formen.blogspot.com

;; QUESTION SECTION: ;dichvusocks.us. IN A ;; ANSWER SECTION: dichvusocks.us. 299 IN A 104.21.234.143 dichvusocks.us. 299 IN A 104.21.234.142 ;; QUESTION SECTION: ;dichvusocks.us. IN MX ;; ANSWER SECTION: dichvusocks.us. 299 IN MX 20 mxa.mailgun.org. 52.22.46.128 dichvusocks.us. 299 IN MX 30 mxb.mailgun.org. 52.22.46.128 dichvusocks.us. 299 IN MX 1 aspmx.l.google.com. 74.125.137.27 dichvusocks.us. 299 IN MX 5 alt1.aspmx.l.google.com.… Читать далее Selling access to hacked server proxies to cybercriminals: dichvusocks.us (MX)

https://best-dattingladyes.blogspot.com/ >>> <script>window.location=’https://privatematchch.com/?utm_source=aDHnxntlbeSB'</script> ________ best-dattingladyes.blogspot.com. 3599 IN CNAME blogspot.l.googleusercontent.com. blogspot.l.googleusercontent.com. 299 IN A 172.217.14.97 privatematchch.com. 131 IN A 104.28.13.88 privatematchch.com. 131 IN A 104.28.12.88 privatematchch.com. 131 IN A 172.67.133.129

https://lovies-girlstinder.blogspot.com/ >>> <script>window.location=’https://privatematchch.com/?utm_source=aDHnxntlbeSB'</script> ________ lovies-girlstinder.blogspot.com. 3479 IN CNAME blogspot.l.googleusercontent.com. blogspot.l.googleusercontent.com. 179 IN A 172.217.14.97

https://best-dattingladyes.blogspot.com/ >>> <script>window.location=’https://privatematchch.com/?utm_source=aDHnxntlbeSB'</script> ________ best-dattingladyes.blogspot.com. 3599 IN CNAME blogspot.l.googleusercontent.com. blogspot.l.googleusercontent.com. 299 IN A 172.217.14.97