EITest Gate at 85.93.0.32 Leads to Angler EK at 83.220.169.231

I found these GET requests in our customers traffic: zeboms[.]tk/show_content.php?fgpimk=lrsuk&id=4642B3AD8EB1331F63B111F171C670700DA304E3EFF16822032449944AB075E487805D one.theleadersummit[.]com/boards/viewtopic.php?t=0i3&f=o5aew38bpq8ca58engnpikp4ucvwuef5z9ej1ctm014keykgo-q773pf_ahi58p76yvzpoffylkdqe_-8k4eih0j03n2t-i1y Unfortunately for our analyst we don’t always get packets so we can’t easily locate

Forskolin Spam Emails

I found these GET requests in our customers traffic, likely originating from spam emails: hxxp://gallipolicountryandsea[.]it/therfgds1.php hxxp://www.gallipolicountryandsea[.]it/therfgds1.php hxxp://dutbbc[.]com/?a=374762&c=wl_con&s=nw-404-1che What drew my attention to it at first