Рубрика: google.com

eg: http://sky-oreoo-71.com/product/sharepoint/verificationAttempt.php sky-oreoo-71.com. 599 IN A 34.89.201.222 hXXp://tracker.co.tz/ Phishing since at least 5/2020 2020-10-09 08:58:59 32q4erfq.top A 34.89.201.222 2020-09-23 20:43:39 32q4erfq.win A 34.89.201.222 2020-09-07 10:03:12 34r5t34r.win A 34.89.201.222 2020-09-12 21:02:05 34r5t34r.xyz A 34.89.201.222 2020-09-13 13:26:58 435r34r345.xyz A 34.89.201.222 2020-09-26 12:28:57 435r34r34r.icu A 34.89.201.222 2020-09-17 13:18:56 435r43r.top A 34.89.201.222 2020-09-27 09:38:51 435r43r.xyz A 34.89.201.222 2020-09-28 14:04:23… Читать далее Hosting phishing domains

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. AZORult botnet controller located at 35.213.160.4 on port 80 (using HTTP POST): hXXp://testwp.warungpencar.com/bp/index.php $ dig +short testwp.warungpencar.com 35.213.160.4 $ nslookup 35.213.160.4 4.160.213.35.bc.googleusercontent.com

Received: from mail.netsec.com.mx (mail.netsec.com.mx [104.36.167.46]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by xx; Wed, 21 Oct 2020 04:22:25 -0400 (EDT) Received: from client.yota.ru [(94.25.181.69)] by mail.netsec.com.mx (104.36.167.46) with ESMTPSA id xx.msg; Wed, 21 Oct 2020 03:22:38 -0500 X-Remote-Spam-Processed: mail.netsec.com.mx, Wed, 21 Oct 2020 03:22:38 -0500 (not processed: message from trusted… Читать далее Sending porn spam via hacked servers: tinder-formen.blogspot.com

;; QUESTION SECTION: ;dichvusocks.us. IN A ;; ANSWER SECTION: dichvusocks.us. 299 IN A 104.21.234.143 dichvusocks.us. 299 IN A 104.21.234.142 ;; QUESTION SECTION: ;dichvusocks.us. IN MX ;; ANSWER SECTION: dichvusocks.us. 299 IN MX 20 mxa.mailgun.org. 52.22.46.128 dichvusocks.us. 299 IN MX 30 mxb.mailgun.org. 52.22.46.128 dichvusocks.us. 299 IN MX 1 aspmx.l.google.com. 74.125.137.27 dichvusocks.us. 299 IN MX 5 alt1.aspmx.l.google.com.… Читать далее Selling access to hacked server proxies to cybercriminals: dichvusocks.us (MX)

https://best-dattingladyes.blogspot.com/ >>> <script>window.location=’https://privatematchch.com/?utm_source=aDHnxntlbeSB'</script> ________ best-dattingladyes.blogspot.com. 3599 IN CNAME blogspot.l.googleusercontent.com. blogspot.l.googleusercontent.com. 299 IN A 172.217.14.97 privatematchch.com. 131 IN A 104.28.13.88 privatematchch.com. 131 IN A 104.28.12.88 privatematchch.com. 131 IN A 172.67.133.129

https://lovies-girlstinder.blogspot.com/ >>> <script>window.location=’https://privatematchch.com/?utm_source=aDHnxntlbeSB'</script> ________ lovies-girlstinder.blogspot.com. 3479 IN CNAME blogspot.l.googleusercontent.com. blogspot.l.googleusercontent.com. 179 IN A 172.217.14.97

https://best-dattingladyes.blogspot.com/ >>> <script>window.location=’https://privatematchch.com/?utm_source=aDHnxntlbeSB'</script> ________ best-dattingladyes.blogspot.com. 3599 IN CNAME blogspot.l.googleusercontent.com. blogspot.l.googleusercontent.com. 299 IN A 172.217.14.97

https://baby-skygirls.blogspot.com/ >>> <script>window.location=’https://privatematchch.com/?utm_source=aDHnxntlbeSB'</script> ________ baby-skygirls.blogspot.com. 3574 IN CNAME blogspot.l.googleusercontent.com. blogspot.l.googleusercontent.com. 274 IN A 172.217.14.97

http://club4pick-upsexy-poeple.blogspot.com/ >>> <script>window.location=’https://privatematchch.com/?utm_source=aDHnxntlbeSB'</script> ________ club4pick-upsexy-poeple.blogspot.com. 3599 IN CNAME blogspot.l.googleusercontent.com. blogspot.l.googleusercontent.com. 299 IN A 172.217.14.97

https://ladyesfor-man.blogspot.com/ >>> <script>window.location=’https://privatematchch.com/?utm_source=aDHnxntlbeSB'</script> ________ ladyesfor-man.blogspot.com. 3599 IN CNAME blogspot.l.googleusercontent.com. blogspot.l.googleusercontent.com. 299 IN A 172.217.14.97