cloudflare.com — Страница 36

Phishing payload against WeTransfer

https://www.spamhaus.org/sbl/query/SBL511172 has a payload on facaoteste.com.br. It is marked as deceptive in Google Safe Browsing, but it is still alive. Cloudflare needs to take it down. $ host facaoteste.com.br facaoteste.com.br has address 172.67.136.138 facaoteste.com.br has address 104.21.26.153 facaoteste.com.br has IPv6 address 2606:4700:3032::6815:1a99 facaoteste.com.br has IPv6 address 2606:4700:3032::ac43:888a

Phishing payload against WeTransfer

Phishing payload against Nedbank (South Africa)

www.ezer.or.kr houses the payload for a recent Nedbank phishing spam (see SBL514953) $ host www.ezer.or.kr www.ezer.or.kr has address 104.21.60.87 www.ezer.or.kr has address 172.67.194.253 www.ezer.or.kr has IPv6 address 2606:4700:3034::6815:3c57 www.ezer.or.kr has IPv6 address 2606:4700:3034::ac43:c2fd # whois.kr query : ezer.or.kr # KOREAN(UTF8) 도메인이름 : ezer.or.kr 등록인 : 에젤선교회 등록인 주소 : 서울특별시 용산구 서빙고로65길 38 (서빙고동) 두란노빌딩… Читать далее Phishing payload against Nedbank (South Africa)

Phishing payload against Nedbank (South Africa)

offsite-team.com spammers

From: <xxxxxx@offsite-team.com> To: Subject: Sales Date: Wed, 27 Jan 2021 13:26:15 +0000 I’m from Offsite-Team. We help startups grow sales by overcoming these common issues: • You know who you want to sell to but need their contact information and a way to reach out to them in bulk. • You have an idea for… Читать далее offsite-team.com spammers

affiliate spam @teehag.com

Received: from mail-lj1-f194.google.com (mail-lj1-f194.google.com [209.85.208.194]) From: «Mark E. Roque» <dinhvananh883@gmail.com> Reply-To: dinhvananh883@gmail.com Date: Sat, 6 Feb 2021 19:0x:xx -0800 Subject: Nice Gift Idea Gucci Tee Shirt https://teehag.com/user/teehag088/t-shirt/190-Gucci-Collection?refId=14393 teehag.com. 300 IN A 104.21.58.100 teehag.com. 300 IN A 172.67.158.253

Spammer hosting @172.67.194.166

Spammer hosting located here: $ dig +short blackhat.to 172.67.194.166 104.21.44.38 Spam sample ============================== Hello If you ever need Negative SEO Serrvices, we offer it here https://blackhat.to contact us: support@blackhat.to Unsubscribe: http://blackhat.to/unsubscribe/ ==============================

Spamvertised website

Received: from easy.pipeliness.co (easy.pipeliness.co [37.59.209.232]) Date: Thu, 25 Feb 2021 00:3x:xx +0000 Subject: voucher van €1000 weg voor favoriete eten en drinken aan te schaffen From: Denise Bakker <easy@pipeliness.co> URL: https://butterfly.sitight.co/index.php/campaigns/[] Server IP address is 104.21.17.247 => Location: https://reallyok.co/[] Server IP address is 172.67.217.4 => https://www.randolinks1.com/[]/?sub1=uma => www.randolinks1.com. 100 IN A 142.147.98.34 https://go.raffletrack.com/?c=32&s1=1026&s2=[] => go.raffletrack.com.… Читать далее Spamvertised website

Carding fraud site/forum: s-fraud.ru / uas-shop.ru / trump-dumps.su / trump-dumps.ru / trump-dump.ru

Stolen credit card data sites. See: https://www.youtube.com/channel/UCK8y25kqIZMAeqit6ppvwwA s-fraud.ru. 3599 IN A 94.26.224.98 trump-dumps.su. 599 IN A 5.188.33.25 trump-dumps.ru. 599 IN A 34.65.33.2 trump-dump.ru. 299 IN A 172.67.206.83 trump-dump.ru. 299 IN A 104.21.15.148 trump-dump.ru. 21599 IN NS donovan.ns.cloudflare.com. <<<<<< DNS too trump-dump.ru. 21599 IN NS ryleigh.ns.cloudflare.com. uas-shop.ru. 299 IN A 104.21.37.125 uas-shop.ru. 299 IN A 172.67.208.29… Читать далее Carding fraud site/forum: s-fraud.ru / uas-shop.ru / trump-dumps.su / trump-dumps.ru / trump-dump.ru