amazon.com — Страница 26

Spam payload

$ host slutty-house.com slutty-house.com has address 3.227.213.110 slutty-house.com has address 34.204.46.170 slutty-house.com has address 44.199.59.39 slutty-house.com has address 54.210.212.228 slutty-house.com has IPv6 address 2600:1f18:454c:f520:3738:32f2:eafe:2299 slutty-house.com has IPv6 address 2600:1f18:454c:f530:6d78:920d:e8ec:c7fa slutty-house.com has IPv6 address 2600:1f18:454c:f540:fd5c:7486:f7e6:3f90 slutty-house.com has IPv6 address 2600:1f18:454c:f510:7c20:c89e:2de:7552

Spam payload

Spam popup

$ host meetrussianlove.com meetrussianlove.com has address 52.34.8.228 Stealth popup on a spam-advertised website

Spamvertised website

Received: from gotogml.com (gotogml.com. [185.122.223.223]) From: 🔔Gemeentelijk Energie <[]@gotogml.com> Date: Fri, 08 Oct 2021 09:1x:xx +0000 Subject: Nieuw in uw gemeente: bespaar via het Gemeentelijke Energie Collectief http://crystals.com.de/rd/[] 167.99.245.231 https://laudypauty.com/[] 209.159.146.166 https://sendt.go2cloud.org/aff_c?offer_id=2893&aff_id=1482&aff_sub=472864&aff_sub2=[]&aff_sub3=31 18.202.12.61

Banload botnet controller @3.142.130.155

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Banload botnet controller located at 3.142.130.155 on port 80 (using HTTP POST): hXXp://bagnovo.duckdns.org/parapop/tuisR485959fjgjgjjg.php $ dig +short bagnovo.duckdns.org 3.142.130.155 $ nslookup 3.142.130.155 ec2-3-142-130-155.us-east-2.compute.amazonaws.com Other malicious domain names hosted… Читать далее Banload botnet controller @3.142.130.155

spam emitter @23.249.218.3

Received: from d218-3.smtp-out.eu-west-2.amazonses.com (23.249.218.3) From: Stefan Fredriksson <stefan@primemarketventure.com> Subject: Enligt överenskommelsen [], mer information inför mötet på Måndag Date: Thu, 7 Oct 2021 08:5x:xx +0000

affiliate spam @m4rv3l.com

Received: from panzertank.eu.com (panzertank.eu.com. [185.122.223.224]) Subject: 🔔 Laatste mededeling: [] Cheque — Uw geld wacht! 💲150.000💰▶️ Bevestiging: #[] Date: Wed, 06 Oct 2021 14:1x:xx +0000 From: SlotHunter 🎰 <[]> https://storage.googleapis.com/hamnad/uurtmmm.html#[] 173.194.69.128 http://crystals.com.de/rd/[] 167.99.245.231 https://beakhair.com/?a=2812&oc=13923&c=39460&m=3&s1=12&s2=[]&s3=[] 34.91.99.156 http://tracking.m4rv3l.com/aff_c?offer_id=300&aff_id=1042&url_id=178&aff_sub=[]&aff_sub3=2812 176.34.200.217 https://www.slothunter.com/promotions/welcome-300?stag=[]&__layerref=http%3A%2F%2Fcrystals.com.de%2F 104.18.2.88

affiliate spam @singlesrussian.com

Received: from ssay.mta36.appspot.com (40.86.247.121) From: Single Russians <admin@single-russians.com> Subject: These women are ONLY looking for long-term relationships. Date: Wed, 06 Oct 2021 20:3x:xx +0200 http://stackfullrush.com/cl/[] 52.179.96.156 https://prenzy.page.link/H3Ed?s1=1&s2=1487_10&s3=[] 142.250.217.174 https://www.thedealsto.com/[] 89.43.30.24 https://www.y4pamtrk.com/[]/?source_id=1477&sub1=[] 34.120.18.211 https://www.singlesrussian.com/qa/register01.php?aid=1374&oid=CP274764&qpid_offer_id=SSR_826851TMEDK&qpid_subid=425&qpid_clickid=p[&source_tag=1477 18.144.111.139