Received: from [109.237.97.59] (helo=borderlandresearch.com)
From: Congratulations <newsletter@bademeister.com>
Subject: We’ve seen your loyalty and now it’s time for us to give thanks
Date: Fri, 25 Feb 2022 20:1x:xx +0100
https://usaketo.page.link/[] 172.253.63.138
https://www.biggvalues.com/6PBSMXP/SK34J1G/?creative_id=11443&source_id=tyu98765tgh&sub1=[]&sub2=gfr5678&sub3=65r4edfgh&sub4=765refgh&sub5=[] 70.37.99.62
https://www.lpredirect.com/24QSBG/981J153/?source_id=3532&sub1=[] 34.117.79.165
https://wintodayyou.com/4685-4586-fl-adi/?encoded_value=24QSBG&sub1=[]&sub2=&sub3=&sub4=&sub5= 185.128.34.90
https://www.megatr4ffic.com/24QSBG/8S71PZK/?sub1=[]&sub2=&sub3=&sub4=&sub5= 34.117.79.165
https://sm2.techcharmtdy.com/?ts=78A14007&s1=25&s2=&clickid=[] 54.85.225.142
Category: amazon.com
RemcosRAT botnet controller @54.209.212.142
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.
Malware botnet controller located at 54.209.212.142 on port 2030 TCP:
$ telnet 54.209.212.142 2030
Trying 54.209.212.142…
Connected to 54.209.212.142.
Escape character…
Spammer hosting @18.195.174.160
Spam source @34.230.180.5
Received: from aws4.wpgamahost4.com (aws4.wpgamahost4.com [34.230.180.5]) by X (Postfix) with ESMTP id X for <X>; Fri, 25 Feb 2022 X
X-LinkedIn-fbl: X
Acceleration-Overturn: stool
Require-Recipient-Valid-Since: X; Fri, 25 Feb 2022 X
Content-ID: html-body
X-LinkedIn-Class: EMAIL-DEFAULT
Subject: You have 1 new message
Dreyfuss-Factorizations-Ligature: X
X-LinkedIn-Id: X
Date: Fri, 25 Feb 2022 X
Told-Acquisition: X
Message-ID: <X.X@aws4.wpgamahost4.com>
MIME-Version:…
Spam source @54.240.48.39
Received: from a48-39.smtp-out.amazonses.com (a48-39.smtp-out.amazonses.com [54.240.48.39]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client did not present a certificate) by X (Postfix) with ESMTPS id X for <X>; Thu, 24 Feb 2022 X
DKIM-Signature: X
From: "Emilia, Account Admin" <withdrawalpage@outlook.com>
Subject: X, =?utf-8?q?l=C3=B6sen?= Sie Ihre BTC ein, um eine Kontosperrung zu vermeiden
To: X
Content-Type: multipart/alternative;…
Spamvertised website
Received: from orangepix.it (194.54.80.107)
From: REFINⱭNSIERING <[]@centreforautism.ab.ca>
Date: Thu, 24 Feb 2022 10:3x:xx +0000
Subject: SØK FORBRUKSLÅN INNTIL 500.000 KR
https://s3.amazonaws.com/55s4dfs5454/54sdf45s4df87.html#qs=[] 52.216.86.165
http://bnetmail.net/qs=[] 199.249.170.125
https://koffdeal.com/?a=1478&oc=12541&c=35950&m=3&s1=[]&s2=[]&s3=55 35.204.100.162
Phishing server
54.164.220.170|citizens-onlinesupport.ga|2022-02-23 22:41:32
54.164.220.170|citizensbankonline-support.ml|2022-02-23 14:24:21
54.164.220.170|support-citizensbank.ga|2022-02-23 22:41:58
54.164.220.170|supportonlinecitizens.ml|2022-02-23 22:56:45
Abused / misconfigured newsletter service (listbombing)
The host at this IP address is being (ab)used to "listbomb" email addresses:
From: Quirk Chevrolet MA <leads@chevy.quirkautodealers.net>
Subject: XXX, we may want to buy your vehicle. Try our trade in tool today and see what your vehicle is worth
Problem description
============================
Spammers signed up for the bulk email service using the victim’s email…
Spamvertised website
Received: from wavylines.xyz (wavylines.xyz. [51.38.177.177])
Subject: Details Apply
Date: [DATE]
From: ""[]"" <[]@wavylines.xyz>
https://s3-us-west-2.amazonaws.com/ex2ak34tq/[] 52.218.204.24
http://typographyfirst.click//cl/4105_md/[] 193.36.237.179
https://zakatsnose.com/[] 193.68.89.144
https://acusticstoves.com/?s1=350310&s2=[]&s3=2576&s4=1553&ow=&s10=657 172.67.158.25
https://yettmarina.com/[] 104.21.11.116
https://chubberz.com/click?s2=[]&s1=350310&s3=2576&trvid=10386&s4=1553&ow=8 209.236.112.79
https://www.lz5bmtrk.com/4RQSJ/6JHXF/?sub2=[] 34.120.145.181
https://www.techratedgadgets.com/monthlydeal/PT1/?affid=3&c1=&c2=[]&c3=&click_id=[] 172.67.195.122
phishing server
18.188.42.158|signin-becu1help-error-id.com|2022-02-22 23:22:06
18.188.42.158|signin-macu1help-error-id.com|2022-02-22 00:07:33
18.188.42.158|signin-macu2help-error-id.com|2022-02-22 23:56:30