Showing posts with the label Austria. Show all posts

5/04/2014

PHISHING SCAM !
Subject: The hottest sex positions in the world from:
wonder-save.de (IP: 46.137.116.197)



SPAM - SCAM - PHISHING DOMAIN
(MAIL THROUGH sexpositions@load-next.com)

http://www.wonder-save.de/
  • https://www.virustotal.com/de/url/4cbee3944f626152a7b0e565989dfcdfa97128d9e1661e8b2f881544bdcf38a7/analysis/1399057180/
HTML=LOOOOOOOLLL (Red-hot amateurs non-stop)
  • https://www.virustotal.com/de/file/d079714ab2586e4eb1d64bdea7ea0904160f2c848b0cb84b1c4040e82f79e501/analysis/1399057765/


BitDefender DOMAIN information: "This URL domain/host was seen to host badware at some point in time"


DOMAIN BLACKLISTED AT:
1) WOT
  • https://www.mywot.com/en/scorecard/wonder-save.de
2) SURBL
  • http://www.surbl.org/lists
3) JoeWein
  • http://www.joewein.net/
ADDITIONAL LINK:
http://www.wonder-save.de/o/e181067801c9b41237c8ca23126a2754c00befbb41d019e0470c71483874f92d
  • https://www.virustotal.com/de/url/2a9d116e843f5d5ca49d2b1e8fecb2be80998c6d79b9fccfeacd62a13a0f4ee3/analysis/1399063964/
HTMLSRC
  • https://www.virustotal.com/de/file/b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b/analysis/1398895856/
REDIRECTION TO --->
http://www.medusa.mx/open/e181067801c9b41237c8ca23126a2754c00befbb41d019e0470c71483874f92d
  • https://www.virustotal.com/de/url/d8053385191d602cccc3bde8afc22a3f99814f27d239f74787787b55b110a46f/analysis/
HTMLSRC
  • https://www.virustotal.com/de/file/b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b/analysis/1398895856/
DOMAIN:
http://www.medusa.mx/
  • https://www.virustotal.com/de/url/a451ede892082c712db5d49ed9152ed9bb0dd59aad190acb4be3d4d1320b8bfc/analysis/1399064361/
IP:
http://176.34.253.56/
  • https://www.virustotal.com/de/url/d4999bea2206837dff08b433a4c099eb794b7f1e3c5aafb7cad21895a2382f86/analysis/1399065373/
  • https://www.virustotal.com/de/ip-address/176.34.253.56/information/
REDIRECTS TO --->
http://newsletterabo.com/
  • https://www.virustotal.com/de/url/53fb33f8aea6cfadcd5fcaea7cf34509d2e95721acefa4058490a024d37eb9bd/analysis/1399064949/
IP:
http://62.129.143.124/
  • https://www.virustotal.com/de/url/753211dc1d21447d75875e36d3dd36c195078e99d32c3039c3dbee0232c96cd6/analysis/1399066574/
  • https://www.virustotal.com/de/ip-address/62.129.143.124/information/
LISTED AT SPAMHAUS (SBL):
  • http://www.spamhaus.org/query/bl?ip=62.129.143.124
Some 5000 SPAMVERTIZED DOMAINS ARE hosted HERE:
  • http://www.spamhaus.org/sbl/query/SBL112409
WEB-REP: POOR
EMAIL-REP: POOR
  • http://www.senderbase.org/lookup/?search_string=62.129.143.124
HTMLSRC
  • https://www.virustotal.com/de/file/ed3d4bf96a6e2c0c0f9ac7b27701b8dbab3fbfeb8078a3b4a847c1a797d8cd6d/analysis/1399064611/
SEE AS WELL:
  • http://sitecheck.sucuri.net/results/www.medusa.mx
  • http://sitecheck.sucuri.net/results/newsletterabo.com
-----------------------

MAIL SENT THROUGH:
http://load-next.com/
  • https://www.virustotal.com/de/url/7ac028fb0869d91755fb1a260da32b7189872856761e98b271bbf7c54283b670/analysis/1399061768/
  • https://www.virustotal.com/de/file/989e7a7c0680624b684c78468a1a1909c98a96dbce68c3a6d9a7d9122314aceb/analysis/1399061565/
  • https://www.virustotal.com/de/file/4ee70fe07827224c29f73047c71569c8fe740b370506cdd8b13e203a0ea5244d/analysis/1399061582/
IP:
http://95.130.125.232/ (AUSTRIA)
  • https://www.virustotal.com/de/url/e75688860b8f4224a5c62a7bfdb9c424a7a1e97e237eb40730d991c7d7e2ea42/analysis/1399063376/
  • https://www.virustotal.com/de/ip-address/95.130.125.232/information/
Fwd/Rev DNS Match: NO
  • http://www.senderbase.org/lookup/?search_string=95.130.125.232
-----------------------

IP:
http://46.137.116.197/
  • https://www.virustotal.com/de/url/1475cbe1f128f13cfbc44a6ef054af0e4edbfe87b1a881fcf912045eb62ab857/analysis/1399059664/
  • https://www.virustotal.com/de/ip-address/46.137.116.197/information/

2/05/2014

Snowshoe Spammers - MALICIOUS DOMAIN & IP:
b2bdigitalapps.com & 193.180.115.48
"The 5 tips for making love even better"
(PHISHING-SCAM, AUSTRIA, SWEDEN)


Hello,

Do you find that your sex life is becoming monotonous? You are not
alone. Like you, I realised that my wife and I were no longer making
love as often as before. And when we do, it's always the same old
recipes.

In fact, I had lost my enthusiasm and, I hate to say it, I even
avoided making love several times. It wasn't like before any more,
and I knew something had to be done before it went too far.

So I went on the net to look for ideas and found a book called
“500 Astuces Amoureuses”. Actually, it's funny. While I was reading
the book, my wife came to see what I was doing. When she found out
what it was about, she kicked me off the computer to read it herself.

So, did this book work in the end?

I'll let you judge: that very night, she brought strawberries and
chocolate sauce to nibble in front of the TV (obviously inspired by
the book).

It completely surprised me. I would never have thought that something
as simple as eating fruit and chocolate during foreplay could be so
exciting.

I won't go into the “details” of what followed … :D… but I must say
I have become a fan of this book!
And our sex life is extraordinary now. We are never short of ideas
for making things exciting. And if we need an idea, we just have to
open the book. It's great!

If you think your sex life has become a bit ordinary, or if you
simply want to improve it a little, take a look at this book

by clicking here>>

See you soon

MALICIOUS PHISHING-SCAM DOMAIN: (SNOWSHOE SPAMMERS)
b2bdigitalapps.com
  • https://www.virustotal.com/de/url/c7c6daf58332d34d90b1234b1bdd40c922f4a3bed5174f9b2d561bff8d66a706/analysis/1391621955/
b2bdigitalapps.com/link.php
  • https://www.virustotal.com/de/url/7e06bfb6d9730edbbacc4189f36681e84aaa585dd580e2e53543c4aa10d14d0e/analysis/
  • https://www.virustotal.com/de/file/22fc373d3b3ab36009613adfd7bb60f7135a4f510aa31808856e721dd5799d0c/analysis/
b2bdigitalapps.com/open.php
  • https://www.virustotal.com/de/url/21e996363e94694017a766295f26702b7d6fe9c605a57d30965b3c6be6f9027a/analysis/1391622030/
  • https://www.virustotal.com/de/file/dd5bdccb831d1b19c505bd3e67553f6049cea2e20dba7eb231a02ed0103e521f/analysis/1390580473/
b2bdigitalapps.com/unsubscribe.php
  • https://www.virustotal.com/de/url/c7f6d051298f7b524bcf37fa3bc9ac2cab53cfff8081d9cf78d2f095f85e8e19/analysis/1391622053/
  • https://www.virustotal.com/de/file/fb18ec2dc45858efd8a69d17873eb1a92801a4af8e6b6a44b03e9e7a69d11ffd/analysis/


Snowshoe Spam (Screenshot)

ORIGIN IP:
193.180.115.48
  • https://www.virustotal.com/de/url/9c8a9262baa8df9d848573706b4bcf2eeb9c8d23404f1951accff6b123ff9e64/analysis/1391620870/
  • https://www.virustotal.com/de/file/18f256b9f1807fe04ee416b47643bae7ed150f37cf79e24c4e2b9646cf3cf908/analysis/1391622765/
 
LISTED AT SPAMHAUS (SBL):
  • http://www.spamhaus.org/query/bl?ip=193.180.115.48
 
Email Reputation: Poor
Web Reputation: Poor
  • http://www.senderbase.org/lookup/?search_string=193.180.115.48
 

1/15/2014

Category MALICIOUS DOMAIN: rheumatoidarthritisgout49419.soup.io
Rogue Medications & Phishing Risk (AUSTRIA)
(GOOGLE PHISHING)

Potentially Malicious Site: Drugs & Medications (PHISHING RISK)








DOMAIN:
rheumatoidarthritisgout49419.soup.io
  • https://www.virustotal.com/de/url/52b67f6d4e0d46e81f5e560297c575c638a9ba33b43e1229718fc6929a9a1c91/analysis/
MALICIOUS LINK FOUND TO: (DOMAIN)
is.gd (U.K.)
  • https://www.virustotal.com/de/url/47a68b786b0e7abcc8263d257b7fe90a26be583647d9371b38ceb24c09332a3b/analysis/1389627324/
SPECIFIC LINK:
is.gd/fpnxbB
  • https://www.virustotal.com/de/url/61b5b6b25706c0ab0bde93ea941fbea8d7334f699957f88072ea49eb2a19e8e1/analysis/1389804055/



ADDITIONAL MALICIOUS LINK FOUND TO: (DOMAIN)
stomsk.ru (Lithuania)
  • https://www.virustotal.com/de/url/c2cb23d08ab0e0430674bda1ede032890408106f0c480b81423f85a38ba09716/analysis/1389626637/
SPECIFIC LINK:
stomsk.ru/pics/doc.jpg
  • https://www.virustotal.com/de/url/7dd47a1cf793aa3da415720b51e6d6452bfad57f42bc9c494322ea79a4363601/analysis/1389626639/



1/13/2014

Category MALICIOUS DOMAIN: goutytophisurgery88758.soup.io
Rogue Medication Phishing Risk (AUSTRIA)
(GOOGLE PHISHING)

Potentially Malicious Site: Drugs & Medications (PHISHING RISK)


DOMAIN:
goutytophisurgery88758.soup.io
  • https://www.virustotal.com/de/url/9c76a54622c7037c90bffa40f734845fb4a36bdbe3c3807845151e7bc3ccb7bd/analysis/1389627071/
MALICIOUS LINK FOUND TO: (DOMAIN)
is.gd (U.K.)
  • https://www.virustotal.com/de/url/d92eb9fedadf8ef87d077931d558dbb058bc35f38251ddefc6cc4addba929439/analysis/1389804529/
SPECIFIC LINK:
is.gd/OFliej
  • https://www.virustotal.com/de/url/47a68b786b0e7abcc8263d257b7fe90a26be583647d9371b38ceb24c09332a3b/analysis/
ADDITIONAL MALICIOUS LINK FOUND TO: (DOMAIN)
stomsk.ru (Lithuania)
  • https://www.virustotal.com/de/url/c2cb23d08ab0e0430674bda1ede032890408106f0c480b81423f85a38ba09716/analysis/1389626637/
SPECIFIC LINK:
stomsk.ru/pics/doc.jpg
  • https://www.virustotal.com/de/url/7dd47a1cf793aa3da415720b51e6d6452bfad57f42bc9c494322ea79a4363601/analysis/1389626639/

Category MALICIOUS DOMAIN: potenzmittelcialis26471.soup.io
Cialis Phishing Risk (AUSTRIA)
(GOOGLE PHISHING)

Potentially Malicious Site: Drugs & Medications (PHISHING RISK)


DOMAIN:
potenzmittelcialis26471.soup.io
  • https://www.virustotal.com/de/url/235b3ff9bc5531c30a46d21413ab2967d150ccf26828070641ebbd39951673c9/analysis/1389564598/
MALICIOUS LINK FOUND TO: (DOMAIN)
is.gd (U.K.)
  • https://www.virustotal.com/de/url/d92eb9fedadf8ef87d077931d558dbb058bc35f38251ddefc6cc4addba929439/analysis/1389626217/
SPECIFIC LINK:
is.gd/yGa80d
  • https://www.virustotal.com/de/url/d7d0fbfe93759463be0317981370e4186c5814168847ea1a49d1ea606aed2f7b/analysis/1389626417/
ADDITIONAL MALICIOUS LINK FOUND TO: (DOMAIN)
stomsk.ru (Lithuania)
  • https://www.virustotal.com/de/url/c2cb23d08ab0e0430674bda1ede032890408106f0c480b81423f85a38ba09716/analysis/1389626637/
SPECIFIC LINK:
stomsk.ru/pics/doc.jpg
  • https://www.virustotal.com/de/url/7dd47a1cf793aa3da415720b51e6d6452bfad57f42bc9c494322ea79a4363601/analysis/1389626639/

12/14/2013

Trojan.JS.Iframe.CIP & Hidden Iframe: onlygtamods.blogspot.co.at - (Austria)

GTA BLOG infected with Malware
MALICIOUS URL

onlygtamods.blogspot.co.at

  • https://www.virustotal.com/de/url/ad44797d2f7a3175fe0b9b8d6e6634a2d15b3338f4234b7c1fd06a4482d0cfbf/analysis/1387039150/
Infected With:

  • https://www.virustotal.com/de/file/7f1ff2384716f01014e269e7ba3dc3a7dc7cd0f280bea351e44b9cc7ca6c68d1/analysis/1387039360/
 --->  HIDDEN IFRAME TO:
 
DOMAIN: 

  • goo.gl
  • https://www.virustotal.com/de/url/21f8b60c2acbeb555e302df332fcccf6047eec8882ed892e0dacab9fe70c996a/analysis/
SPECIFIC LINK: 
  • goo.gl/xL64q
  • https://www.virustotal.com/de/url/e67569fade200ea3d83af40ce5051b2c27bf3e6d64b6c969fb93ebd1a64712ba/analysis/1387039842/ 
  • https://www.virustotal.com/de/file/518034ed78da007491b2854bfdc5385cfd197a6f81ef91a3ef1ac72ed85a1659/analysis/1387039364/
REF.:
http://jsunpack.jeek.org/?report=8527e7d771cc7a8dc7386a7b952b3e9b12c84dab