Spammer hosting @172.217.168.48
Spammer hosting located here:
https://storage.googleapis.com/ca3f15cc0563174d47a7/6411d211243d2cd9d4cb#cl/86024_md/10/61943/4545/289/4485
-> http://soni-social.com/
--> https://getverdure.com/0/2/4642/0963ed4173ec9b656ce88c955cfbec5d/10/86024_60/289_4485_61943_708115_md
--> https://internetlovin.com/index2.php?id=79&s1=350221&s2=558447307&s3=1534&p=de2diet8a
---> https://bbstairs.com/?028747d09e1dbbc22d86cc9885fdd37b

$ dig +short storage.googleapis.com
172.217.168.16
216.58.215.240
172.217.168.80
172.217.168.48

Spam sample
====================================================================
Received: from webdesignwessel.nl (ip91.ip-51-81-233.us [51.81.233.91]) by X (Postfix) with ESMTP id X for <X>; Mon, 3 May 2021 X
MIME-Version: 1.0
Message-Id: <X@presentcharity.net>
From: =?utf-8?B?S2V0by1EacOkdCB1bmQgR2V3aWNodHN2ZXJsdXN0?= <NrMTyqn@presentcharity.net>
Subject: =?utf-8?B?VmVybGllcmVuIFNpZSBiaXMgenUgMTQga2cgaW4gZWluZW0gTW9uYXQsIG9obmUgU3BvcnTDvGJ1bmdlbiAhIQ==?=
Reply-To: reply_to@presentcharity.net
To:…
Author: blog
Spam source @209.85.210.181
Spam source
====================================================================
Received: from mail-pf1-f181.google.com (mail-pf1-f181.google.com [209.85.210.181]) by X (Postfix) with ESMTPS id X for <X>; Mon, 3 May 2021 X
Received: by mail-pf1-f181.google.com with SMTP id X for <X>; Mon, 03 May 2021 X
DKIM-Signature: X
X-Google-DKIM-Signature: X
X-Gm-Message-State: X
X-Google-Smtp-Source: X
X-Received: by 2002:a65:4481:: with SMTP id X; Mon, 03 May 2021…
Abused / misconfigured newsletter service (listbombing)
The host at this IP address is being (ab)used to "listbomb" email addresses:

From: news.goldrealestate@gmail.com
Subject: Καλή Ανάσταση!!!

From: news.goldrealestate@gmail.com
Subject: Καλή Ανάσταση!!!

Problem description
============================
Spammers signed up for the bulk email service using the victim's email address. As a result, the victim is being "listbombed" with transactional messages and bulk email campaigns.

Problem…
Spam source @209.85.216.65
The host at this IP address is emitting spam emails.

Spam sample
=========================================
From: misha@webprorank.co
Subject: Proposal…
=========================================
Cybercriminal credit-card theft carding gang at cc4you.su, kingscard.cc etc.
cc4you.su. 599 IN A 34.121.41.231
affiliate spam @pw22trk.com
Received: from wikihow.com (129.146.252.239 [129.146.252.239])
Date: Fri, 21 May 2021 05:0x:xx +0200
From: Bitcoin Code<droblx.com@com.1strand0m-accessdigitalstoragedevice.exposed>
Subject: Why has Mark Zuckerberg invested in crypto

https://storage.googleapis.com/009630314ac2a9e/offrall.html
https://www.pw22trk.com/2CS482FTB/XCQZJ/?creative_id=1366&source_id=2&sub1=qwn
https://tracking.track-it.pro/aff_c?offer_id=45&aff_id=1057&aff_sub=[]&aff_sub2=670473&aff_sub3=qwn&aff_sub4=&aff_sub5=Code&aff_click_id=
https://the-btc-system.com/?clickID=[]&aff=Code&c=CH&tid=[]&aff_id=1057
https://codenet-systemapp.com/api/v1/auto_login?r=https://codenet-systemapp.com/
https://codenet-systemapp.com/funds

www.pw22trk.com. 300 IN A 35.244.150.190
tracking.track-it.pro. 300 IN A 172.67.159.25
tracking.track-it.pro. 300 IN A 104.21.34.104
the-btc-system.com. 300 IN A 104.21.6.181
the-btc-system.com. 300 IN A 172.67.135.26
codenet-systemapp.com.…
Malware distribution @34.125.228.46
The host at this IP address is currently being used to distribute malware.

Malware distribution located here:
hXXp://nailedpizza.top/bestof/mixx.exe

$ dig +short nailedpizza.top
34.125.228.46

$ nslookup 34.125.228.46
46.228.125.34.bc.googleusercontent.com

Referencing malware binaries (MD5 hash):
06c5a89c509a5afcbef70e70af2be2e0 - AV detection: 41 / 70 (58.57)
09165873eb04782b0534901819d61ea9 - AV detection: 44 / 68 (64.71)
095bcc33caf19572639e9b1a7d607128 - AV detection: 28 / 69…
RetroCubes
35.196.119.226 is currently in use as a nameserver for spamvertized domains. This enables the resolving of spammed domains to the actual websites. This SBL record can only be removed if 35.196.119.226 stops answering DNS queries for spamvertized domain names.

2 Nameservers seen on 35.196.119.226:

NS1.HOSTSPOT360.COM
- 360smscubix.com
- aceillustrations.com
- animationinfinix.com
- animationwonder.com
- bpobench.org…
business-excellence.co.za (sending for Academy for Business Excellence Africa/Norcaz Training Academy)
Google: A prolific spam operation based in South Africa that advertises business training seminars and webinars to purchased and appended lists is hosting a sending domain with you. Please remove this domain and, if appropriate, the owner from your service.

SPAM SAMPLE:
Received: from smtp#.blazon.co (smtp#.blazon.co [41.138.70.8#])
Date: Tue, 01 Jun 2021 10:##:## +0200
From:…
Carding fraud site/forum: rescator.at / rescator.cm / rescator.cn (lampeduza.cm / omerta.cc)
Stolen credit card data websites:
rescator.cn. 599 IN A 34.106.223.72
34.106.223.72 rescator.cm 2021-06-03 00:17:58
34.106.223.72 rescator.cn 2021-06-02 23:16:09
Phishing too?