Рубрика: cloudflare.com

Purchased or leasing domain. Using p01243@psilink.com to create false LOAs: ;; QUESTION SECTION: ;psilink.com. IN A ;; ANSWER SECTION: psilink.com. 299 IN A 104.21.23.21 psilink.com. 299 IN A 172.67.208.108 psilink.com. 299 IN MX 10 mx.yandex.net. Hijacking /16 range from long-dead corporation. _____________________________________________ April/21: Hijacked by AS398968 — INTERCONTINENTAL INTERNET DATA CORP This netblock appears to… Читать далее Hijacked IP space: Arthur Andersen & Co., S.C. — dead POC used to hijack: p01243@psilink.com

Spammer hosting located here: https://objectstorage.us-ashburn-1.oraclecloud.com/n/idqyn1owx1ll/b/njfrbizzgausse/o/1FRdqgqcalkdh.html -> https://www.hasadom2.com/X -> https://securedns.site/LtmVNo?aid=X —> https://only-promotion.com/41/mcgausse-m-med/gps/?X $ dig +short securedns.site 104.21.85.240 172.67.212.137 Spam sample ==================================================================== Received: from presentcharity.net (presentcharity.net [91.211.250.153]) by X (Postfix) with ESMTP id X for <X>; Mon, 3 May 2021 X DKIM-Signature: X DomainKey-Signature: X MIME-Version: 1.0 Message-Id: <X@presentcharity.net> From: =?UTF-8?B?Q2VudHJlIGRlIEx1dHRlIGNvbnRyZSBsYSBEb3VsZXVy?=<NKPbwYv@presentcharity.net> Subject: =?UTF-8?B?TGEgbWVpbGxldXJlIHNvbHV0aW9uIHBvdXIgbGVzIGRvdWxldXJzIGFydGljdWxhaXJlcywgbXVzY3VsYWlyZXMgZXQgdmVydMOpYnJhbGVz?= Reply-To: reply_to@presentcharity.net To: X… Читать далее Spammer hosting @104.21.85.240

Received: from inboxvia.jp.net (515879-cf59329.tmweb.ru. [92.53.124.54]) Date: [*date] From: TheSecret<[]@[].solution.ruddle.org> Subject: [],Start Getting REAL Results Today! https://storage.googleapis.com/[] => http://mynotifications.xyz/#?[] => https://smilesarefun.com/[] => https://heathlyhub.com/index2.php?s1=[] => https://gluebrush.com/?[] mynotifications.xyz. 60 IN A 95.138.193.220 smilesarefun.com. 300 IN A 181.214.121.98 heathlyhub.com. 300 IN A 104.21.50.128 heathlyhub.com. 300 IN A 172.67.163.58 gluebrush.com. 300 IN A 104.21.93.127 gluebrush.com. 300 IN A 172.67.209.229 If… Читать далее Spamvertised website

designanalyzer.com. 300 IN A 172.67.182.25 designanalyzer.com. 300 IN A 104.21.51.156 Received: from colondrag.com (colondrag.com [94.228.118.250]) Subject: Domain Notification for [] : This is your Final Notice of Domain Listing X-PHP-Originating-Script: 1000:alexusMailer_v1.7.2.php From: Domain Notice <hugo@hugoboss.com> Date: Tue, 11 May 2021 12:5x:xx +0300 Attention: Important Notice , DOMAIN SERVICE NOTICE Domain Name: [] Hi [] []… Читать далее Zoltán Zarka

greatvender.com. 300 IN A 172.67.136.183 greatvender.com. 300 IN A 104.21.62.151 Received: from fruithabitat.com (fruithabitat.com [109.68.214.93]) Subject: Domain Notification for [] : This is your Final Notice of Domain Listing X-PHP-Originating-Script: 1000:alexusMailer_v1.7.2.php From: Domain Notice <hugo@hugoboss.com> Date: Wed, 12 May 2021 08:3x:xx +0300 Attention: Important Notice , DOMAIN SERVICE NOTICE Domain Name: [] Hi [] []… Читать далее Zoltán Zarka

SBL518213 172.67.164.6 cloudflare.com 2021-03-06 Carding fraud site/forum: UNICC.CZ (uniccshop.cm / cardpin.org / crdshop.su / cclub.su / unicc.am / csu.su / abusehost.pro / dumpscrew.com / chindadump.su / dumpshop.net / dumpshop.cc)

trumps-dumps.cc. 299 IN A 104.21.79.89 trumps-dumps.cc. 299 IN A 172.67.169.109 dumpswithpin.shop. 14399 IN A 103.255.237.209 _________________________ Was: cardmafia.mn. 599 IN A 35.204.174.12 cc-dumps.su. 599 IN A 185.200.243.53 _________________________ Was: cardingmafia.pro. 599 IN A 91.241.19.41 cardingmafia.pro. 599 IN A 185.200.243.53 cardmafia.mn. 198 IN A 45.9.148.167 2020-07-13 04:36:55 approvedcc.su A 185.200.243.53 2020-07-29 04:19:59 carder.eu A 185.200.243.53 2020-07-29… Читать далее Credit card fraud domain hosting: trumps-dumps.cc (cardmafia.mn / dumpswithpin.shop)

Stolen credit card data websites: brians.at. 299 IN A 172.67.203.54 brians.at. 299 IN A 104.21.52.192 ____________________ Was: brians.at. 14399 IN A 104.161.32.114 104.161.32.114 brians.at 2021-05-16 12:20:52 104.161.32.114 ns3.t2cvv.cc 2021-05-16 12:20:52 104.161.32.114 ns4.t2cvv.cc 2021-05-16 12:20:52 104.161.32.114 t2cvv.cc 2021-05-11 08:42:06 goldendumps.su. 14399 IN A 162.223.90.78 ____________________ Was: ns1.briansclub.club. 14399 IN A 65.21.59.60 ns2.briansclub.club. 14399 IN A 65.21.59.60… Читать далее Carding fraud site/forum: brians.at (t2cvv.cc / briansclub.club / cv2.su / cvvmecc.com / goldendumps.su)

dev.thorproject.net. 300 IN A 104.21.64.23 dev.thorproject.net. 300 IN A 172.67.174.98 Received: from retailerpeasant.com (retailerpeasant.com [94.228.113.61]) Subject: Domain Notification for [] : This is your Final Notice of Domain Listing From: Domain Notice <cisco@ciscosystems.com> Date: Tue, 18 May 2021 07:5x:xx +0300 Attention: Important Notice , DOMAIN SERVICE NOTICE Domain Name: [] Hi [] [] Response Requested… Читать далее Zoltán Zarka

Received: from wikihow.com (129.146.252.239 [129.146.252.239]) Date: Fri, 21 May 2021 05:0x:xx +0200 From: Bitcoin Code<droblx.com@com.1strand0m-accessdigitalstoragedevice.exposed> Subject: Why has Mark Zuckerberg invested in crypto https://storage.googleapis.com/009630314ac2a9e/offrall.html https://www.pw22trk.com/2CS482FTB/XCQZJ/?creative_id=1366&source_id=2&sub1=qwn https://tracking.track-it.pro/aff_c?offer_id=45&aff_id=1057&aff_sub=[]&aff_sub2=670473&aff_sub3=qwn&aff_sub4=&aff_sub5=Code&aff_click_id= https://the-btc-system.com/?clickID=[]&aff=Code&c=CH&tid=[]&aff_id=1057 https://codenet-systemapp.com/api/v1/auto_login?r=https://codenet-systemapp.com/ https://codenet-systemapp.com/funds www.pw22trk.com. 300 IN A 35.244.150.190 tracking.track-it.pro. 300 IN A 172.67.159.25 tracking.track-it.pro. 300 IN A 104.21.34.104 the-btc-system.com. 300 IN A 104.21.6.181 the-btc-system.com. 300 IN A 172.67.135.26 codenet-systemapp.com.… Читать далее affiliate spam @the-btc-system.com