Рубрика: microsoft.com

The host at this IP address is emitting spam emails: 2020-02-24 40.92.72.66 PayPal Support <paypal@seo-mailer.com> verify your account

The host at this IP address is being (ab)used to «listbomb» email addresses: From: nick@alterhealth.org Subject: Indoor this weekend? Shop online for 50% off all Indoor Baox Products Problem description ============================ Spammers signed up for the bulk email service using the victim’s email address. As a result, the victim is being «listbombed» with transactional messages… Читать далее Abused / misconfigured newsletter service (listbombing)

The host at this IP address is emitting spam emails. Spam sample ========================================= From: ankitjain1414@hotmail.com Subject: SEO (Search Engine Optimization) service? =========================================

The host at this IP address is being (ab)used to «listbomb» email addresses: From: jasminesaraya@hotmail.com Subject: RE: Enquiry from Website…// Problem description ============================ Spammers signed up for the bulk email service using the victim’s email address. As a result, the victim is being «listbombed» with transactional messages and bulk email campaigns. Problem resolution ============================ In… Читать далее Abused / misconfigured newsletter service (listbombing)

Received: from mail-oi1-f197.google.com (209.85.167.197) From: Z i p p y l o a n <rgbtjhukiliomlodfedfzed15@gmail.com> Date: Fri, 17 Apr 2020 17:2x:xx +0100 Subject: 𝙉𝙚𝙚𝙙 𝙈𝙤𝙣𝙚𝙮? Need Money? ZippyLoan has you covered! <https://t.co/rSK6D0PYDI?amp=1> URL redirect chain: URL: https://t.co/rSK6D0PYDI?amp=1 Server IP address is 104.244.42.197 Location: https://kkkhdghdgfsqdb.blob.core.windows.net/zippyloangsgdfhqsgdf/zippyloan1hdvhjfhvb.html Server IP address is 20.38.113.100 Location: https://www.kystnesybl.com/mgt8U272XM24NmuK3QdLm6kRDBHAbGOeL-EjLg6HJc8CiIIX5kTb6RYRSRnY7L_JrspRIa5HM9dWwWs-bLdnUA~~/ Server IP address is… Читать далее affiliate spam @zippyloan.com

Return-Path: <www-data@star-mini.c10r.facebook.com> Received: from star-mini.c10r.facebook.com ([23.102.174.28]) by [] (8.14.7/8.14.7) with ESMTP id [] for []; Tue, 21 Apr 2020 11:[]:[] -0400 Received: by star-mini.c10r.facebook.com (Postfix, from userid 33) id []; Tue, 21 Apr 2020 15:[]:[] +0000 (UTC) To: [] Subject: Campanha Feirao Limpa Nome Proposta: — 2976938 X-PHP-Originating-Script: 1000:xman.php X-Mailer: Microsoft Office Outlook, Build []… Читать далее spam source

2020.10.23, despite what certain parties may believe, mail.login.amazon-center.webapps.amz-manage.com Is unlikely to be legitimate. ———————————————————————— Netflix, fake AWS, something for everyone on this host: acc-verify-restore-access.me Key-Systems GmbH accamzfrjps.com Tucows Domains Inc. amkglz.com Hosting Concepts B.V. d/b/a Openprovider amz-manage.com Hosting Concepts B.V. d/b/a Openprovider amzlgnwbps.com DomainPeople, Inc. contactadvanced.com Hosting Concepts B.V. d/b/a Openprovider emailservicessecure.com GoDaddy.com, LLC goyangpuyuh.com… Читать далее Assorted phish landing sites.

The host at this IP address is emitting spam emails. Spam sample ========================================= From: alanferguson739mr@hotmail.com Subject: Affordable Web&App Solution.. =========================================

The host at this IP address is emitting spam emails. Spam sample ========================================= From: zoeyzoeyrose@outlook.com Subject: Business app.. =========================================

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Loki botnet controller located at 40.112.58.16 on port 80 (using HTTP POST): hXXp://chingowashers.tk/wp-demo/admin/apache/fre.php $ dig +short chingowashers.tk 40.112.58.16 Referencing malware binaries (MD5 hash): 088717bd0344fe445fa9310fd8cccd4c — AV detection:… Читать далее Loki botnet controller @40.112.58.16