Received: from p3plsmtpa07-02.prod.phx3.secureserver.net (173.201.192.231) by DB5EUR01FT012.mail.protection.outlook.com (10.152.4.235) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4308.20 via Frontend Transport; Fri, 9 Jul 2021 21:0x:xx +0000 Received: from Q1SFT42VRRBCFJP7 ([147.135.116.172]) by :SMTPAUTH: with ESMTPSA id []; Fri, 09 Jul 2021 14:0x:xx -0700 X-SECURESERVER-ACCT: sballard@lottabull.com Date: Sat, 10 Jul 2021 00:0x:xx +0300 Subject: What’s Happening boy;).. Your num… Читать далее Spamvertised website
Рубрика: cloudflare.com
Spammer hosting @104.21.49.169
Spammer hosting located here: $ dig +short www.online-rezeptfrei.de 172.67.191.50 104.21.49.169
Russian carding fraud site/forums bit2check.sc (cvvshop.lv / bit2check.com / carder.su / uniccshop.ru / pinkshop.name / carderpro.com / cardmafia.mn / ccbase.biz / cpro.su)
cvvshop.lv. 299 IN A 94.198.40.41 bit2check.sc. 299 IN A 104.21.36.181 bit2check.sc. 299 IN A 172.67.198.67 bit2check.com. 564 IN A 34.125.44.97 ________ Was: cvvshop.lv. 299 IN A 159.89.99.30 ________ Was: cvvshop.lv. 299 IN A 185.82.127.60 bit2check.com. 599 IN A 34.125.44.97 bit2check.net. 299 IN A 95.179.217.117 ________ Was: cvvshop.lv. 119 IN A 107.172.248.178 cvvshop.lv. 119 IN A… Читать далее Russian carding fraud site/forums bit2check.sc (cvvshop.lv / bit2check.com / carder.su / uniccshop.ru / pinkshop.name / carderpro.com / cardmafia.mn / ccbase.biz / cpro.su)
spam support (domains)
domain used in spam operation — moteefe.com [104.16.171.54] —
Carding fraud site/forum: wtshop1.net / wt1shop.net etc.
Stolen credit-card data sites: wt1store.net. 299 IN A 172.67.190.102 wt1store.net. 299 IN A 104.21.36.80 wt1store.com. 299 IN A 172.67.201.79 wt1store.com. 299 IN A 104.21.66.55 wt1shop.net. 299 IN A 172.67.142.70 wt1shop.net. 299 IN A 104.21.71.20 wt1store.cc. 299 IN A 104.21.35.164 wt1store.cc. 299 IN A 172.67.177.164 wtshop1.net. 21599 IN A 95.216.22.226 wt1store.cc. 3599 IN A 185.11.145.111 wt1store.com.… Читать далее Carding fraud site/forum: wtshop1.net / wt1shop.net etc.
Spamvertised website
Received: from edu.numaidz.com (edu.numaidz.com [185.74.254.12]) From: «Sam Visser» <info@edu.numaidz.com> Date: 11 Jun 2021 20:1x:xx +0200 Subject: De grootste deal in de geschiedenis van Dragons’ Den: rijk worden in maar 7 dagen! https://gossipgirllz.myshopify.com/apps/mapa/833_31/index_js.html?[] => https://digitalsouce.com/click.php?pid=6&offer_id=33&eaJnP=yFjZsW&sub4=[]&sub3=itai_&d1=[]&action=3&shop=gossipgirllz.myshopify.com&path_prefix=%2Fapps%2Fmapa×tamp=[]&sign=[] https://toptimesnews.com/iframe/np/index.html?style=libra-method&lang=en&transaction_id=[]&aff_id=6&offer_id=itai_&dynamic=digitalsouce.com/bitcointrader# https://tritoncapitalmarkets.com/?force_token=[]&fr=deposit gossipgirllz.myshopify.com. 86400 IN CNAME shops.myshopify.com. shops.myshopify.com. 27 IN A 23.227.38.74 digitalsouce.com. 3600 IN A 136.144.250.215 toptimesnews.com. 600 IN A… Читать далее Spamvertised website
Carding fraud site/forum: pentagon.market (uas-store.ru / carder.market / s-fraud.ru / uas-shop.ru / trump-dumps.su / trump-dumps.ru / trump-dump.ru)
https://uas-store.ru/login/ >>> http://bit.ly/2RwOk74+ >>> https://pentagon.market/ pentagon.market. 299 IN A 104.21.13.26 pentagon.market. 299 IN A 172.67.132.119 uas-store.ru. 299 IN A 176.111.174.117 ____________________________ Was: pentagon.market. 299 IN A 104.26.13.133 pentagon.market. 299 IN A 172.67.70.40 pentagon.market. 299 IN A 104.26.12.133 ____________________________ Was: https://uas-store.ru/login/ >>> http://bit.ly/2RwOk74+ >>> https://carder.market/ >>> https://monopoly.ms/ >>> https://multi-vpn.biz/ carder.market. 299 IN A 104.21.70.85 carder.market. 299… Читать далее Carding fraud site/forum: pentagon.market (uas-store.ru / carder.market / s-fraud.ru / uas-shop.ru / trump-dumps.su / trump-dumps.ru / trump-dump.ru)
Spamvertised website
Received: from musicnotes.com (45.8.126.27) From: Crystal Gem Box <[]@the-queensgambit.com> Subject: High Demand! Mystery Gem Box. Limited Membership. Date: Tue, 15 Jun 2021 19:0x:xx +0200 http://www.mcmod.cn/jump/[] => http://fantasysweap.info/r.php?t=c&d=[]&l=17&c=[]&cr=9469 => https://acinimod.com/?E=[]&s1=33&s2=17&s3=[]&s4=[]&s5=19 => https://x4a.newsuperboffer.com/?kw=[]&s1=6005 www.mcmod.cn. 600 IN CNAME www.mcmod.cn.cname.yunjiasu-cdn.net. www.mcmod.cn.cname.yunjiasu-cdn.net. 30 IN A 162.159.209.138 fantasysweap.info. 60 IN A 51.159.159.237 acinimod.com. 300 IN A 18.191.117.75 x4a.newsuperboffer.com. 300 IN A… Читать далее Spamvertised website
Spammer hosting @172.67.191.50
Spammer hosting located here: $ dig +short www.online-rezeptfrei.de 104.21.49.169 172.67.191.50
affiliate spam @getsugarbalance.com
Received: from subeditor.sugarbalanceco.com (63.81.95.27) Date: Wed, 16 Jun 2021 08:5x:xx -0400 From: Rosenda Waiters <rosendawaiters@sugarbalanceco.com> Subject: 3 Things That Will Help In Your Fight Against Type 2 Diabetes URL: http://63.81.95.27/?link=[] Server IP address is 63.81.95.27 => Location: http://mwexciting.com/[]/?&subid=116064 Server IP address is 169.61.196.20 => Location: https://getsugarbalance.com/video?aff_id=2&utm_source=buygoods&utm_medium=affiliate&utm_term=affiliate-traffic&utm_content=affid-290-&utm_campaign=front-end&subid2=[]&subid=290 Server IP address is 172.67.222.222