«Piush Verma» / OMICS

A number of scattered VPS servers in the dnsrd.com domain are sending spam for OMICS, a publisher of «peer-reviewed open access journals» advertised by spam sent to scraped, purchased, or appended lists.

spam emitter @143.198.55.119

Received: from zmbekg.nosaj.com (143.198.55.119)
From: Anna Freuler<reply@lidl.ru!>;<service@stayfriends.de>
Subject: [], Heute schenken wir unseren Kunden einen 500€ Rewe-Gutschein
Date: Mon, 01 Nov 2021 03:3x:xx +0000

spam source

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; s=default; d=marsints.com; h=From:To:Subject:Date:Message-ID:MIME-Version:Content-Type; i=admin@marsints.com; bh=.*=; b=.* .*=
From: admin <admin@marsints.com>
To: .*
Subject: Quotation: 29083 — Mouse Mats — HARD TOP
Date: .*
Message-ID: <202110311.*@marsints.com>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----=_NextPart_000_0012_.*"
This is a multi-part message in MIME format.
------=_NextPart_000_0012_.*
Content-Type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<HTML><HEAD>
<META name=3DGENERATOR content=3D"MSHTML 11.00.9600.19003"></HEAD>
<body>
<P…

Snowshoe spam ranges

83.240.217.138 cimtejo.org cimtejo.org 2021-10-31T03:30:00Z (+/-10 min) 83.240.217.138/32 (83.240.217.138-83.240.217.138)
103.27.60.222 mx60222.vhost.vn mx60222.vhost.vn 2021-10-31T03:30:00Z (+/-10 min) 103.27.60.222/32 (103.27.60.222-103.27.60.222)
107.170.212.129 irisunlove.com irisunlove.com 2021-10-31T03:30:00Z (+/-10 min) 107.170.212.129/32 (107.170.212.129-107.170.212.129)
178.62.30.23 291487.cloudwaysapps.com 291487.cloudwaysapps.com 2021-10-31T03:30:00Z (+/-10 min) 178.62.30.23/32 (178.62.30.23-178.62.30.23)
178.62.199.76 bankometar.com bankometar.com 2021-10-31T03:30:00Z (+/-10 min) 178.62.199.76/32 (178.62.199.76-178.62.199.76)
189.113.168.101 marte.serverbr5.com marte.serverbr5.com 2021-10-31T03:30:00Z (+/-10 min) 189.113.168.101/32 (189.113.168.101-189.113.168.101)
== Sample ==========================
MIME-Version: 1.0
Date: .*…

spam emitter @159.203.39.71

Received: from mpxlqj.oecoss.com (159.203.39.71)
From: Reduser appetitten<noreply@bet.ru!>; <noreply@email.ellos.no>
Subject: Vil du øke din forbrenning? Nå kan du prøve Mory gratis!
Date: Sat, 30 Oct 2021 18:1x:xx +0000

phishing server

Fast Flux MAAS / PAAS node

phishing server

hXXp://us-bank.co.in/login/Chase/
$ host us-bank.co.in
us-bank.co.in has address 137.184.151.191
137.184.151.191|chases-info.co|2021-10-29 00:20:44
137.184.151.191|chases-info.com|2021-10-29 00:21:17
137.184.151.191|controlinfosec.com|2021-10-28 23:40:47
137.184.151.191|primevideonow16.ga|2021-10-10 11:05:52
137.184.151.191|themoneyinfo.com|2021-10-29 02:10:42
137.184.151.191|usbank-info.info|2021-10-29 19:20:53

Spamvertised website

2021-10-28 crystals.com.de. 60 IN A 159.65.196.250
2021-10-26 crystals.com.de. 60 IN A 165.232.118.6
2021-10-25 crystals.com.de. 60 IN A 46.101.3.14
Received: from gotogml.com (gotogml.com. [185.122.223.223])
From: 🔔Gemeentelijk Energie <[]@gotogml.com>
Date: Fri, 08 Oct 2021 09:1x:xx +0000
Subject: Nieuw in uw gemeente: bespaar via het Gemeentelijke Energie Collectief
http://crystals.com.de/rd/[] 185.146.157.69
https://laudypauty.com/[] 209.159.146.166
https://sendt.go2cloud.org/aff_c?offer_id=2893&aff_id=1482&aff_sub=472864&aff_sub2=[]&aff_sub3=31 18.202.12.61