DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; s=default; d=marsints.com; h=From:To:Subject:Date:Message-ID:MIME-Version:Content-Type; i=admin@marsints.com; bh=.*=; b=.* .*= From: admin <admin@marsints.com> To: .* Subject: Quotation: 29083 — Mouse Mats — HARD TOP Date: .* Message-ID: <202110311.*@marsints.com> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary=»—-=_NextPart_000_0012_.*» This is a multi-part message in MIME format. ——=_NextPart_000_0012_.* Content-Type: text/html; charset=»iso-8859-1″ Content-Transfer-Encoding: quoted-printable <HTML><HEAD> <META name=3DGENERATOR content=3D»MSHTML 11.00.9600.19003″></HEAD> <body> <P… Читать далее spam source
Автор: blog
Snowshoe spam ranges
83.240.217.138 cimtejo.org cimtejo.org 2021-10-31T03:30:00Z (+/-10 min) 83.240.217.138/32 (83.240.217.138-83.240.217.138) 103.27.60.222 mx60222.vhost.vn mx60222.vhost.vn 2021-10-31T03:30:00Z (+/-10 min) 103.27.60.222/32 (103.27.60.222-103.27.60.222) 107.170.212.129 irisunlove.com irisunlove.com 2021-10-31T03:30:00Z (+/-10 min) 107.170.212.129/32 (107.170.212.129-107.170.212.129) 178.62.30.23 291487.cloudwaysapps.com 291487.cloudwaysapps.com 2021-10-31T03:30:00Z (+/-10 min) 178.62.30.23/32 (178.62.30.23-178.62.30.23) 178.62.199.76 bankometar.com bankometar.com 2021-10-31T03:30:00Z (+/-10 min) 178.62.199.76/32 (178.62.199.76-178.62.199.76) 189.113.168.101 marte.serverbr5.com marte.serverbr5.com 2021-10-31T03:30:00Z (+/-10 min) 189.113.168.101/32 (189.113.168.101-189.113.168.101) == Sample ========================== MIME-Version: 1.0 Date: .*… Читать далее Snowshoe spam ranges
Snowshoe spam ranges
83.240.217.138 cimtejo.org cimtejo.org 2021-10-31T03:30:00Z (+/-10 min) 83.240.217.138/32 (83.240.217.138-83.240.217.138) 103.27.60.222 mx60222.vhost.vn mx60222.vhost.vn 2021-10-31T03:30:00Z (+/-10 min) 103.27.60.222/32 (103.27.60.222-103.27.60.222) 107.170.212.129 irisunlove.com irisunlove.com 2021-10-31T03:30:00Z (+/-10 min) 107.170.212.129/32 (107.170.212.129-107.170.212.129) 178.62.30.23 291487.cloudwaysapps.com 291487.cloudwaysapps.com 2021-10-31T03:30:00Z (+/-10 min) 178.62.30.23/32 (178.62.30.23-178.62.30.23) 178.62.199.76 bankometar.com bankometar.com 2021-10-31T03:30:00Z (+/-10 min) 178.62.199.76/32 (178.62.199.76-178.62.199.76) 189.113.168.101 marte.serverbr5.com marte.serverbr5.com 2021-10-31T03:30:00Z (+/-10 min) 189.113.168.101/32 (189.113.168.101-189.113.168.101) == Sample ========================== MIME-Version: 1.0 Date: .*… Читать далее Snowshoe spam ranges
Snowshoe spam ranges
83.240.217.138 cimtejo.org cimtejo.org 2021-10-31T03:30:00Z (+/-10 min) 83.240.217.138/32 (83.240.217.138-83.240.217.138) 103.27.60.222 mx60222.vhost.vn mx60222.vhost.vn 2021-10-31T03:30:00Z (+/-10 min) 103.27.60.222/32 (103.27.60.222-103.27.60.222) 107.170.212.129 irisunlove.com irisunlove.com 2021-10-31T03:30:00Z (+/-10 min) 107.170.212.129/32 (107.170.212.129-107.170.212.129) 178.62.30.23 291487.cloudwaysapps.com 291487.cloudwaysapps.com 2021-10-31T03:30:00Z (+/-10 min) 178.62.30.23/32 (178.62.30.23-178.62.30.23) 178.62.199.76 bankometar.com bankometar.com 2021-10-31T03:30:00Z (+/-10 min) 178.62.199.76/32 (178.62.199.76-178.62.199.76) 189.113.168.101 marte.serverbr5.com marte.serverbr5.com 2021-10-31T03:30:00Z (+/-10 min) 189.113.168.101/32 (189.113.168.101-189.113.168.101) == Sample ========================== MIME-Version: 1.0 Date: .*… Читать далее Snowshoe spam ranges
spam source
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; s=dkim; d=ciskamail.com; h=Message-ID:Date:Subject:From:Reply-To:To:MIME-Version:Content-Type: List-Unsubscribe:List-Id; i=notification@ciskamail.com; bh=.*=; b=.*u.* .*f.* .*= Return-Path: <postmaster@ciskamail.com> Message-ID: <.*@ciskamail.com> Date: .* Subject: =?utf-8?Q?=F0=9F=92=A5?= .* Black Fridays Deal | Upto 50% Off | Every Friday in November From: .* <notification@ciskamail.com> Reply-To: .* <info@ciskamail.com> To: «.*» <.*> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary=»_=_swift_v4_1635.*_.*c.*f.*_=_» X-Report-Abuse: Please report abuse for this campaign… Читать далее spam source
spam source
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; s=msgf; d=msgfocus.com; h=Subject:Message-ID:Reply-To:To:List-Unsubscribe:From:Date:MIME-Version: Content-Type; bh=.*=; b=.* .* .*= Subject: This is your chance. Message-ID: <.*-7UT.*-.*-1.*@email.nrscfundraising.org> Reply-To: .* To: .* List-Unsubscribe: <mailto:.*?subject=Unsubscribe> From: «Rick Scott (via NRSC)» <info@email.nrscfundraising.org> Date: .* MIME-Version: 1.0 Content-Type: multipart/alternative; boundary=»—1.*» X-Virtual-MTA: vmta116-126 —-1.* Content-Type: text/plain; charset=»UTF-8″ Content-Transfer-Encoding: quoted-printable WIN A SIGNED MAGA HAT SUPPORTER: example@emailaddress.test ENTRY STATUS:… Читать далее spam source
Loki botnet controller @104.21.31.159
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Loki botnet controller located at 104.21.31.159 on port 80 (using HTTP POST): hXXp://arinzeproducts.xyz/five/fre.php $ dig +short arinzeproducts.xyz 104.21.31.159
spam emitters
Received: from s2.megojom.ru (megojom.ru [185.10.186.98]) Date: Sun, 31 Oct 2021 03:3x:xx +0000 From: Aleksandr <info@s2.megojom.ru> Subject: Предложение 185.10.186.98 megojom.ru 185.10.186.99 tefalongo.ru 185.10.186.100 eseneno.ru 185.10.186.101 grehemon.ru 185.10.186.102 raferenco.ru
DCRat botnet controller @34.68.50.44
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 34.68.50.44 on port 8888 TCP: $ telnet 34.68.50.44 8888 Trying 34.68.50.44… Connected to 34.68.50.44. Escape character… Читать далее DCRat botnet controller @34.68.50.44
spam emitter @159.203.39.71
Received: from mpxlqj.oecoss.com (159.203.39.71) From: Reduser appetitten<noreply@bet.ru!>; <noreply@email.ellos.no> Subject: Vil du øke din forbrenning? Nå kan du prøve Mory gratis! Date: Sat, 30 Oct 2021 18:1x:xx +0000