Translate

Posts mit dem Label Thailand werden angezeigt. Alle Posts anzeigen
Posts mit dem Label Thailand werden angezeigt. Alle Posts anzeigen

5/09/2014

SPAM: Jennifer Woodard (woodardjennifer27@yahoo.com)
DOMAIN: darwinistneleridusunmez.com
IP: 180.180.146.4 Bankok, THAILAND




DOMAIN:
http://darwinistneleridusunmez.com/
  • https://www.virustotal.com/de/url/51ee5532251a6a564ea561ab27211e864beec50df216a0827b1bb1052c369a5a/analysis/1399629448/
http://darwinistneleridusunmez.com/lsy/view.php
  • https://www.virustotal.com/de/url/9d8251b452e80791bae691d8eebe0681a092719cf553c5e80c6b1784793c0928/analysis/1399629579/
DOMAIN IP:
http://54.247.100.110/
  • https://www.virustotal.com/de/url/e1792fc59ff57735b91d13358c35cf0028ecf8516e36fbe23060b1eb8db96e10/analysis/1399631113/
  • https://www.virustotal.com/de/ip-address/54.247.100.110/information/
IP LISTED AT SPAMHAUS (CBL)
  • http://www.spamhaus.org/query/bl?ip=54.247.100.110
  • http://cbl.abuseat.org/lookup.cgi?ip=54.247.100.110
  • http://www.senderbase.org/lookup/?search_string=54.247.100.110

MAIL IPs:
1)
http://180.180.146.4/ (THAILAND)
  • https://www.virustotal.com/de/url/dff9af04709b5bc1aec3f2705bafe872a9a57b8a23d9b29f75c117c0a5aba04a/analysis/1399629695/
SPAMMAILSERVER & DICTIONARY ATTACKER:
  • https://www.projecthoneypot.org/ip_180.180.146.4
LISTED AT SPAMHAUS (PBL):
  • http://www.spamhaus.org/query/bl?ip=180.180.146.4
E-MAIL-REP: POOR
  • http://www.senderbase.org/lookup/?search_string=180.180.146.4
2)
http://66.147.244.82/ (UNITED STATES)
  • https://www.virustotal.com/de/url/d60b98e987232df8a76c2aadaa8982b3d03a2b4a1a2cc91d829c296f513b13f1/analysis/1399630027/
  • https://www.virustotal.com/de/ip-address/66.147.244.82/information/
BHA: 19
  • https://www.projecthoneypot.org/ip_66.147.244.82
3)
http://14.4.4.6/ (SOUTH KOREA)
  • https://www.virustotal.com/de/url/ea36277fb5e01f8d0713c1937c952433fa0d3e3d11956f161dd989b3a6a07219/analysis/1399630197/
LISTED AT SPAMHAUS (SBL & DROP)
  • http://www.spamhaus.org/query/bl?ip=14.4.4.6
  • http://www.spamhaus.org/sbl/query/SBL187947
  • http://www.senderbase.org/lookup/?search_string=14.4.4.6
4)
http://69.89.23.228/
  • https://www.virustotal.com/de/url/f15acfaf6680089b7af8ce6db92c64f2420b0f92e1bcb14af18e2420b2d5de79/analysis/1399631488/
Eingestellt von um Keine Kommentare:
Labels: , , , , , , , , , , ,
Standort: Bangkok, Thailand

4/16/2014

PHISHING MAIL from:
www.med-equip.com.tn (IP: 193.95.93.62)
HTML:Script-inf
(THAILAND & TUNESIA)
"!Keep It Simple In The Bed retread"
gaecaoro@totbb.net



PHISHING SPAM & MALWARE:
HTML:Script-inf
ROGUE MEDICATIONS (THAILAND & TUNESIA)

DOMAIN:
http://www.med-equip.com.tn/
  • https://www.virustotal.com/de/url/b9fb02cf988d929e6a2c86e2570c607bf20bce182b931092f2afdb72cc30a153/analysis/1397659999/
HTML
  • https://www.virustotal.com/de/file/c6b1a536e10e685f7eb2e7875e1385070f1381d3c7142d6bf35cdd99f464baea/analysis/1397660454/
E-MAIL LINK:
http://www.med-equip.com.tn/geriforte.html
  • https://www.virustotal.com/de/url/403d17cc13d16d4f05fde4699d1fbb319c5aad5af693f5526c82a0d4558455e8/analysis/1397659995/
HTML:Script-inf
  • https://www.virustotal.com/de/file/af51c501f333a7a1c81a7e64f09850d249a22283e6731df4482a58bd9134838d/analysis/1395389479/
SREENSHOT PHISHING MAIL
IP:
http://193.95.93.62/
  • https://www.virustotal.com/de/url/4842c7f2236d8e6fb467f709bf7833ffbd3907a913681c44dddb94a0ce54293b/analysis/1397662127/
  • https://www.virustotal.com/de/ip-address/193.95.93.62/information/
LISTED AT SPAMHAUS (SBL):
  • http://www.spamhaus.org/query/bl?ip=193.95.93.62
  • http://www.spamhaus.org/sbl/query/SBL204400
WEB-REP: POOR
EMAIL-REP: POOR
  • http://www.senderbase.org/lookup/?search_string=193.95.93.62
www.med-equip.com.tn/geriforte.html REDIRECTS TO:
http://triptabletspharmacy.ru/
  • https://www.virustotal.com/de/url/9a59b27ab7899a59763aed3092d887621a3a55c684227a7471fd05f2803da02d/analysis/1397661510/
IP triptabletspharmacy.ru:
http://107.182.164.141/
  • https://www.virustotal.com/de/url/ed96c08ef5482160f445fcd3665d2e8991ff0ba2a0f74d73c063227b5a59b89d/analysis/1397662386/
  • https://www.virustotal.com/de/ip-address/107.182.164.141/information/
  • http://www.senderbase.org/lookup/?search_string=107.182.164.141
SEE ALSO:
  • http://zulu.zscaler.com/submission/show/b6bc817a43647a0fa89d3e68a44e696b-1397660255
  • http://zulu.zscaler.com/submission/show/8d1a7645f4d5da4e722e8c11b95b4e9c-1397660264
  • https://urlquery.net/report.php?id=1397660035929
MAIL SENT "FROM":
http://totbb.net/
  • https://www.virustotal.com/de/url/dfc051bf8979828be83f9b5b0ffe9d372302dc7d88bb2aa8ebc289437bcd6a23/analysis/1397660871/
IP totbb.net:
http://203.113.9.20/
  • https://www.virustotal.com/de/url/c62bc82dab5ac1d2100e2fc5fc26972ca6bd86d8b55925645540eadeff8279f7/analysis/1397662629/
  • https://www.virustotal.com/de/ip-address/203.113.9.20/information/
ORIGINATING IP ADRESS FROM MAIL:
http://111.84.115.252/
  • https://www.virustotal.com/de/url/9b7ee547d226d4fc171a124b383f6528b8308ad493efb984a6d9a0dd7a637440/analysis/
  • https://www.virustotal.com/de/ip-address/111.84.115.252/information/
LISTED AT SPAMHAUS (PBL):
  • http://www.spamhaus.org/query/bl?ip=111.84.115.252
EMAILREP: POOR
  • http://www.senderbase.org/senderbase_queries/detailip?search_string=111.84.115.252
Eingestellt von um Keine Kommentare:
Labels: , , , , , , , , , , , ,
Standort: Tunesien
Abonnieren Posts (Atom)