Received: from mail.webeyp.net (124.70.2.218) by MW2NAM04FT038.mail.protection.outlook.com (10.13.31.135) with Microsoft SMTP Server id 15.20.4755.13 via Frontend Transport; Mon, 6 Dec 2021 05:4x:xx +0000 Received: from EC2AMAZ-6HIISNT.us-west-2.compute.internal (ec2-54-186-136-108.us-west-2.compute.amazonaws.com [54.186.136.108]) by mail.webeyp.net (Postfix) with ESMTPSA id []; Mon, 6 Dec 2021 11:2x:xx +0800 (CST) Subject: Re: Can You Be Trusted? From: «Miss. Zahra Husameddine» <akademia@golf.lublin.pl> Date: Mon, 06… Читать далее spam emitter @54.186.136.108
Рубрика: amazon.com
AsyncRAT botnet controller @3.138.180.119
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 3.138.180.119 on port 18729 TCP: $ telnet 3.138.180.119 18729 Trying 3.138.180.119… Connected to 3.138.180.119. Escape character… Читать далее AsyncRAT botnet controller @3.138.180.119
spam source
52.19.172.15 storagegenie2.dyndns.info «storagegenie2.dyndns.info» 2021-12-04T22:40:00Z (+/-10 min) 52.19.172.15/32 (52.19.172.15 .. 52.19.172.15) == Sample ========================== Received: from vidavo.eu (ec2-3-35-173-90.ap-northeast-2.compute.amazonaws.com [3.35.173.90]) by storagegenie2.dyndns.info (Postfix) with ESMTPA id .*121.* for <.*>; .* Reply-To: jciaramella@saccoflllas.com From: .* <donotreply@vidavo.eu> To: .* Subject: COVID19 .* Lottery Annoucement Date: .* Message-ID: <202112042.*2.*@vidavo.eu> MIME-Version: 1.0 Content-Type: text/html Content-Transfer-Encoding: quoted-printable <!DOCTYPE HTML> <html><head><title></title> <meta http-equiv=3D»X-UA-Compatible»… Читать далее spam source
Snowshoe spam ranges
? 143.55.227.11 13.static.win.donaldjtrump.com «13.static.win.donaldjtrump.com» 2021-12-04T21:30:00Z (+/-10 min) ? 143.55.227.31 15.static.win.donaldjtrump.com «15.static.win.donaldjtrump.com» 2021-12-04T20:20:00Z (+/-10 min) ? 143.55.227.136 14.static.win.donaldjtrump.com «14.static.win.donaldjtrump.com» 2021-12-04T20:20:00Z (+/-10 min) ? 143.55.227.166 17.static.win.donaldjtrump.com «17.static.win.donaldjtrump.com» 2021-12-04T20:20:00Z (+/-10 min) ? 143.55.227.243 12.static.win.donaldjtrump.com «12.static.win.donaldjtrump.com» 2021-12-04T20:20:00Z (+/-10 min) 143.55.227.0/24 (143.55.227.0 .. 143.55.227.255) w? 161.38.194.206 2.static.win.donaldjtrump.com «2.static.win.donaldjtrump.com» 2021-12-04T20:30:00Z (+/-10 min) 161.38.194.206/32 (161.38.194.206 .. 161.38.194.206) w? 161.38.198.190 3.static.win.donaldjtrump.com «3.static.win.donaldjtrump.com» 2021-12-04T21:30:00Z… Читать далее Snowshoe spam ranges
spam source
Spamming whois contacts for newly registered domains. Received: from a64-26.smtp-out.amazonses.com (a64-26.smtp-out.amazonses.com [54.240.64.26]) by [deleted] (Postfix) with ESMTPS id [deleted] for <[deleted]>; Fri, 3 Dec 2021 22:xx:xx -0600 (CST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=[deleted]; d=retaxify.com; t=[deleted]; h=From:Reply-To:To:Subject:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-ID:Date; bh=[deleted] DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=[deleted]; d=amazonses.com; t=[deleted]; h=From:Reply-To:To:Subject:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-ID:Date:Feedback-ID; bh=[deleted] From: Retaxify <info@retaxify.com> Reply-To: info@retaxify.com To: [deleted]… Читать далее spam source
spam source
[!] This SBL record is to show an example of ongoing network abuse. It currently is not being published in the SBL list, but is instead being presented on the webpage so that the network owner has evidence to investigate and correct the problem. 143.55.227.11 13.static.win.donaldjtrump.com «13.static.win.donaldjtrump.com» 2021-11-29T04:50:00Z (+/-10 min) 143.55.227.18 11.static.win.donaldjtrump.com «11.static.win.donaldjtrump.com» 2021-11-29T04:50:00Z (+/-10… Читать далее spam source
spam source
[!] This SBL record is to show an example of ongoing network abuse. It currently is not being published in the SBL list, but is instead being presented on the webpage so that the network owner has evidence to investigate and correct the problem. 143.55.227.11 13.static.win.donaldjtrump.com «13.static.win.donaldjtrump.com» 2021-11-29T04:50:00Z (+/-10 min) 143.55.227.18 11.static.win.donaldjtrump.com «11.static.win.donaldjtrump.com» 2021-11-29T04:50:00Z (+/-10… Читать далее spam source
spam source
[!] This SBL record is to show an example of ongoing network abuse. It currently is not being published in the SBL list, but is instead being presented on the webpage so that the network owner has evidence to investigate and correct the problem. 52.200.59.54 mta03-54.m.rakuten.com «mta03-54.m.rakuten.com» 2021-11-28T13:40:00Z (+/-10 min) 52.200.59.55 mta03-55.m.rakuten.com «mta03-55.m.rakuten.com» 2021-11-28T13:40:00Z (+/-10… Читать далее spam source
Spamvertised website
Received: from llce.top (45.45.216.214) Date: Thu, 02 Dec 2021 09:0x:xx +0000 Subject: Skann datamaskinen med Norton Secured From: Norton AntiVirus <mail@luckyjackpot4you.com> https://llce.top/index.php/campaigns/[] 45.45.216.214 https://track.helloproducts4you.com/3[] 18.196.84.70 https://contestwinpros.com/nep80/22/ 162.0.217.38
spam emitter @69.169.224.2
Received: from b224-2.smtp-out.eu-central-1.amazonses.com (69.169.224.2) Subject: News: China Officially Backs a CryptoCurrency and It’s Already in Sweden From: Malin Holm <holm@morningstocktip.com> Date: Thu, 2 Dec 2021 05:4x:xx +0000