Рубрика: microsoft.com

skynelworldwide.com. 599 IN A 34.102.136.180 skynelworldwide.com. 3599 IN MX 0 skynelworldwide-com.mail.protection.outlook.com. skynelworldwide-com.mail.protection.outlook.com. 9 IN A 104.47.21.36 skynelworldwide-com.mail.protection.outlook.com. 9 IN A 104.47.20.36 Received: from host1.hostingphilippines.com (unknown [64.91.226.65]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by xx; Fri, 20 Nov 2020 04:22:05 -0500 (EST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=grassartcollection.com; s=default; h=Date:Reply-To:MIME-Version: Content-Type:To:Subject:From:Sender:Message-ID:Cc:Content-Transfer-Encoding:… Читать далее Using hacked servers/accounts to send fraud spam: skynelworldwide.com (hosting mail service)

The host at this IP address is being (ab)used to «listbomb» email addresses: From: seo-service15@outlook.com Subject: full Proposal Problem description ============================ Spammers signed up for the bulk email service using the victim’s email address. As a result, the victim is being «listbombed» with transactional messages and bulk email campaigns. Problem resolution ============================ In order to… Читать далее Abused / misconfigured newsletter service (listbombing)

Received: from rpba.7dapei.com (tst3.uaenorth.cloudapp.azure.com [40.123.193.217]) by xxxx; Mon, 23 Nov 2020 13:34:05 -0500 (EST) Date: Mon, 23 Nov 2020 17:22:39 +0100 Message-ID: <xx-xx-x@mx3.cheapnet.it> From: Medicare Made Easy <xxxgodaddy@averynice.com Content-Transfer-Encoding: 7bit Content-Type: text/html; charset=»UTF-8″ X-Gm-Message-State: xx Subject: You may be Eligible for New Medicare Advantage Benefits. X-BeenThere: oauth@7dapei.com X-Mailman-Version: 2.1.12 Precedence: list List-Id: OAUTH WG <oauth.7dapei.com>… Читать далее Spamming for Medicare leads/fraud

Received: from ppau.7dapei.com (tst9.uaenorth.cloudapp.azure.com [40.123.217.215]) by xxx; Tue, 24 Nov 2020 09:44:33 -0500 (EST) Date: Tue, 24 Nov 2020 13:44:03 +0100 Message-ID: <x-x+x-x@mx3.cheapnet.it> From: Cannabis Gummies <prabath@mx3.cheapnet.it> To: xxxx Content-Transfer-Encoding: 7bit Content-Type: text/html; charset=»UTF-8″ X-Gm-Message-State: xxxx Subject: Urgent: Your Limited Time Discount Is Running Out! X-BeenThere: oauth@7dapei.com X-Mailman-Version: 2.1.12 Precedence: list List-Id: OAUTH WG <oauth.7dapei.com>… Читать далее Spamming using cloudapp.azure.com

Received: from niekdhbkbnkk.com (40.123.251.139 [40.123.251.139]) From: Vision Loss Remedy <aMwcZ.g7n171TLb1@L76xJK79sW568D.com> Subject: 96% Of Americans Can Fix Their Vision With THIS Date: Thu, 26 Nov 2020 23:1x:xx +0000 URL: https://storage.googleapis.com/lolablof/eysetry/lksdjfo%20sdkfosi%20sdfkjose%20sdfknsodfj%20eoifjsdf%20sldknfsod.htm Server IP address is 172.217.6.48 => URL: http://r2.tyeuzsoxaaekbl.xyz/ Server IP address is 139.59.90.43

The host at this IP address is being (ab)used to «listbomb» email addresses: From: seo-service15@outlook.com Subject: Re: full Proposal Problem description ============================ Spammers signed up for the bulk email service using the victim’s email address. As a result, the victim is being «listbombed» with transactional messages and bulk email campaigns. Problem resolution ============================ In order… Читать далее Abused / misconfigured newsletter service (listbombing)

Received: from djildyaewyr.co.uk (52.175.57.192 [52.175.57.192]) From: Erectile Problems <wHTrK.RTuZyWcg4c@6kcpfJnCQ85c1I.com> Subject: [spammer victim] Coronavirus in Bedroom? Date: Fri, 27 Nov 2020 15:4x:xx +0000 URL: https://storage.googleapis.com/[].htm Server IP address is 172.217.6.80 => URL: http://r2.astate.space/rdt/[] Server IP address is 165.22.125.31 => Location: https://www.skimartz.com/[] Server IP address is 198.27.110.114 => Location: https://dxp.go2cloud.org/aff_c?offer_id=1&aff_id=1008&aff_sub=[]&aff_sub2=[] Server IP address is 34.198.147.111 => Location:… Читать далее spam emitter @52.175.57.192

The host at this IP address is being (ab)used to «listbomb» email addresses: From: adastephensdhv@outlook.com Subject: Re: Hybrid and Native Apps Problem description ============================ Spammers signed up for the bulk email service using the victim’s email address. As a result, the victim is being «listbombed» with transactional messages and bulk email campaigns. Problem resolution ============================… Читать далее Abused / misconfigured newsletter service (listbombing)

The host at this IP address is emitting spam emails. Spam sample ========================================= From: sid.fernandez@hotmail.com Subject: Re: Follow Up =========================================

Received: from bqrslqseauol.com (40.123.255.88 [40.123.255.88]) From: Health Report <[]> Subject: [] If Your Gums Are This Damaged, Your Teeth Will Fall Out In A Few Months Date: Mon, 30 Nov 2020 15:3x:xx +0000 URL: https://pmlratunaportegona.ams3.digitaloceanspaces.com/Dentaloier%20dfdfg%20siduhisdf%20suisie%20sdfjsdf%20sdisdf%20sodihosdf%20sdhsodf%20sdiusdf%20skdisdf.htm Server IP address is 5.101.110.225 => URL: http://r2.campussuite.club/rdt/eCtnajN6YlBZUjluSzdwbTJ5bk1qRSswOE9RWk5xMlVHKzZKazZaK3JHaz0= Server IP address is 165.22.125.31 => Location: https://www.skimartz.com/oXJMSAx9uHTHMhICc_29swuSEqQ5oz8w0R8hmlaNy_sxD5jUkbYPS6RVrN0MMfra0cv04LJyF2hYnnRmiBMG7w~~/4/2927/0 Server IP address is… Читать далее spam emitter @40.123.255.88