spam source / hosting

https://measurement.cs.princeton.edu/privacystudy/ Please see https://www.spamhaus.org/consumer/definition/ «Spam is an issue about consent, not content. Whether the Unsolicited Bulk Email («UBE») message is an advert, a scam, porn, a begging letter or an offer of a free lunch, the content is irrelevant — if the message was sent unsolicited and in bulk then the message is spam,» or…

phishing server


Loki botnet controller @188.166.172.139

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Loki botnet controller located at 188.166.172.139 on port 80 (using HTTP POST):

hXXp://mail.jithiadaproperties.com/swtnvmbr/logs/fre.php

$ dig +short mail.jithiadaproperties.com
188.166.172.139

$ nslookup 188.166.172.139
mail.jithiadaproperties.com

Referencing malware binaries (MD5 hash):…

Carding fraud site/forums: fe-acc18.ru

Stolen credit card data sites: https://procrd.biz/ >>> https://i.imgur.com/dnhfzOq.gif >>> https://www.fe-acc18.ru/

phishing server

147.182.249.253|secure02a-citi-logon-account.com|2021-12-11 19:08:58
147.182.249.253|secure03a-citi-logon-account.com|2021-12-11 19:15:41

Carding fraud site/forums: fe-acc18.ru (DNS)


phishing server

137.184.157.131|d1-citi-secure-account.com|2021-12-09 23:29:56
137.184.157.131|d2-citi-secure-account.com|2021-12-09 23:40:51

loan spam

helo: bizcloud-box.iye.com.de
msgid: x@iye.com.de
Reply-To: BLIF@protonmail.com
srcip: 138.68.229.160
bodyfrom: BLIF — Bahrain Investment Support Company
Subject: BLIF — Financial Facilities To Business Owners
timestamp: 2021-12-08 x

Malicious site.

Fake Microsoft «you have a virus, call this number» scam site. Usually arrived at by a sea of redirectors. Expects you to call (050)5806-8334

phishing server

c3-citi-secure-login.com 2021-12-06 17:51:32
c1-citi-secure-login.com 2021-12-06 17:37:44