15.237.117.24|ali-new.man—dns-main.city|2021-12-15 13:41:51
15.237.117.24|becusupportcom.ml|2021-12-24 13:51:30
15.237.117.24|becusupportcom.tk|2021-12-24 14:12:10
15.237.117.24|fiswuizxhi.ml|2021-12-24 14:31:12
15.237.117.24|mtbanksupport.com|2021-12-24 12:16:28
Category: amazon.com
Abused / misconfigured newsletter service (listbombing)
The host at this IP address is being (ab)used to "listbomb" email addresses:
From: OGI Newsletter <noreply@oginnovation.co.uk>
Subject: Happy Holidays from OGI!
Problem description
============================
Spammers signed up for the bulk email service using the victim's email address. As a result, the victim is being "listbombed" with transactional messages and bulk email campaigns.
Problem resolution…
Malware botnet controller @18.228.11.80
Malware botnet controller hosted here:
http://ec2-18-228-11-80.sa-east-1.compute.amazonaws.com/TES/M98867567576756U6U6U67.zip
http://ec2-18-228-11-80.sa-east-1.compute.amazonaws.com/TEST_2/dados.txt
http://ec2-18-228-11-80.sa-east-1.compute.amazonaws.com/TEST_2/clientes.php
http://ec2-18-228-11-80.sa-east-1.compute.amazonaws.com/TEST_2/erttrry565465454r.php
$ dig +short ec2-18-228-11-80.sa-east-1.compute.amazonaws.com
18.228.11.80
$ dig +short f1n2nc32022.com
103.125.218.24
phishing server
verifybecuprofile.com has address 13.40.70.238
phishing server
99.79.32.147|becucustomer.org|2021-12-15 20:51:19
99.79.32.147|securebecudirect.org|2021-12-15 20:30:58
99.79.32.147|securebecufund.org|2021-12-15 20:50:55
99.79.32.147|securebecufundbank.com|2021-12-15 20:31:11
phish origin
IP originating phish spam.
ec2-3-10-179-221.eu-west-2.compute.amazonaws.com. 604800 IN A 3.10.179.221
==================================================================
Return-Path: <www@x>
Received: from mail.federalberghiriccione.it (mail.federalberghiriccione.it [195.43.168.44])
    by x (Postfix) with ESMTPS id x
    for <x>; Wed, 15 Dec 2021 xx:xx:xx +0100 (CET)
Received: from x (ec2-3-10-179-221.eu-west-2.compute.amazonaws.com [3.10.179.221])
    (Authenticated sender: milano@federalberghiriccione.it)
    by mail.federalberghiriccione.it (Postfix) with ESMTPSA id x
    for <x>; Wed, 15 Dec 2021 xx:xx:xx…
phish site
IP hosting a phish site.
ec2-54-201-107-192.us-west-2.compute.amazonaws.com. 604800 IN A 54.201.107.192
URL: http://54.201.107.192/60006/www7.htm
Server IP address is 54.201.107.192
HTTP/1.1 200 OK
Connection: close
Date: Wed, 15 Dec 2021 xx:xx:xx GMT
Accept-Ranges: bytes
Server: Apache/2.4.51 (Win64) OpenSSL/1.1.1l PHP/7.4.25
Content-Length: 10729
Content-Type: text/html
Last-Modified: Wed, 15 Dec 2021 16:15:57 GMT
<!DOCTYPE html>
[…]
<form id="contact" method="POST" action="">
<div…
spam source
[!] This SBL record is to show an example of ongoing network abuse. It currently is not being published in the SBL list, but is instead being presented on the webpage so that the network owner has evidence to investigate and correct the problem.
Received: from a48-118.smtp-out.amazonses.com (a48-118.smtp-out.amazonses.com [54.240.48.118]) by [redacted] with ESMTPS via TCP…
spam source
[!] This SBL record is to show an example of ongoing network abuse. It currently is not being published in the SBL list, but is instead being presented on the webpage so that the network owner has evidence to investigate and correct the problem.
Received: from a48-117.smtp-out.amazonses.com (a48-117.smtp-out.amazonses.com [54.240.48.117]) by [redacted] with ESMTPS via TCP…
spam source / hosting
https://measurement.cs.princeton.edu/privacystudy/
Please see https://www.spamhaus.org/consumer/definition/ "Spam is an issue about consent, not content. Whether the Unsolicited Bulk Email ("UBE") message is an advert, a scam, porn, a begging letter or an offer of a free lunch, the content is irrelevant — if the message was sent unsolicited and in bulk then the message is spam," or…