Spammer hosting located here: https://zshorten.com/KpVVp -> https://dailyprizes.us/yudc —> https://kooltee.us/ovq1 —> https://www.centzon.com/products/3-layers-antibacterial-anti-dust-reusable-cotton-face-masks-protect-yourself?variant=1000002443274321 $ dig +short dailyprizes.us 104.24.106.235 104.24.107.235 Spam sample ==================================================================== Received: from mail-lj1-f196.google.com (HELO mail-lj1-f196.google.com) (209.85.208.196) by X (qpsmtpd/0.80) with (AES128-SHA encrypted) ESMTPS; Thu, 09 Apr 2020 X Received: by mail-lj1-f196.google.com with SMTP id X for <X>; Thu, 09 Apr 2020 X DKIM-Signature: X X-Google-DKIM-Signature:… Читать далее Spammer hosting @104.24.107.235

Spammer hosting located here: https://zshorten.com/KpVVp -> https://dailyprizes.us/yudc —> https://kooltee.us/ovq1 —> https://www.centzon.com/products/3-layers-antibacterial-anti-dust-reusable-cotton-face-masks-protect-yourself?variant=1000002443274321 $ dig +short kooltee.us 104.31.91.115 104.31.90.115 Spam sample ==================================================================== Received: from mail-lj1-f196.google.com (HELO mail-lj1-f196.google.com) (209.85.208.196) by X (qpsmtpd/0.80) with (AES128-SHA encrypted) ESMTPS; Thu, 09 Apr 2020 X Received: by mail-lj1-f196.google.com with SMTP id X for <X>; Thu, 09 Apr 2020 X DKIM-Signature: X X-Google-DKIM-Signature:… Читать далее Spammer hosting @104.31.91.115

Spammer hosting located here: https://zshorten.com/KpVVp -> https://dailyprizes.us/yudc —> https://kooltee.us/ovq1 —> https://www.centzon.com/products/3-layers-antibacterial-anti-dust-reusable-cotton-face-masks-protect-yourself?variant=1000002443274321 $ dig +short kooltee.us 104.31.91.115 104.31.90.115 Spam sample ==================================================================== Received: from mail-lj1-f196.google.com (HELO mail-lj1-f196.google.com) (209.85.208.196) by X (qpsmtpd/0.80) with (AES128-SHA encrypted) ESMTPS; Thu, 09 Apr 2020 X Received: by mail-lj1-f196.google.com with SMTP id X for <X>; Thu, 09 Apr 2020 X DKIM-Signature: X X-Google-DKIM-Signature:… Читать далее Spammer hosting @104.31.90.115

Spammer hosting located here: http://poklaws.diskstation.org/lidloks -> http://smplewilld.com/r/X —> https://smplewilld.com/r2/X —> https://unsigonse.com/ch-lidl/?s1=X $ dig +short unsigonse.com 104.24.97.25 104.24.96.25

Received: from 01feb7e1.pandemicsurv.icu (unknown [142.11.229.185]) Date: Sat, 2 May 2020 03:4x:xx -0700 From: «Global Crisis» <GlobalCrisis@pandemicsurv.icu> Subject: Gwenith Paltrow and corona… http://www.pandemicsurv.icu/[] => https://pandemic-secrets.com/dvideo/?[] => https://www.buygoods.com/secure/?s[] www.pandemicsurv.icu. 1799 IN A 191.101.166.78 pandemic-secrets.com. 300 IN A 104.24.107.143 pandemic-secrets.com. 300 IN A 104.24.106.143 www.buygoods.com. 1800 IN A 173.192.183.235 If You do not want to receive further mails… Читать далее Spamvertised website

Update 2020-05-13 Received: from tampa.corocell.guru (unknown [50.2.212.74]) Date: Wed, 13 May 2020 04:5x:xx -0400 From: «VAHomeSavings» <VAReliefProgram@corocell.guru> Subject: VA housing benefits are going unclaimed in {{contact.state}} URL redirects: URL: http://corocell.guru/[] Server IP address is 107.158.163.223 Location: http://specialsoffers.co/adv/vassp1 Server IP address is 104.28.18.246 Location: https://www.bests.guru/73MDC78/NDP81F4/?sub1=vssp1 Server IP address is 104.28.14.87 ——————————————————- Received: from durham.saniday.live (unknown [170.130.209.133])… Читать далее Spamvertised website

Received: from 058c6b8d.techvisions.bid (unknown [173.44.148.71]) Date: Thu, 7 May 2020 04:2x:xx -0700 From: «Padre» <Padre@techvisions.bid> Subject: Discover your Angelic Horoscope! URL redirects: http://www.techvisions.bid/[] https://tps.buzz/tg/pt/ https://bit.ly/3cdZNTE https://routernetix.com/4ZCZ-cci89nJiWVxbJ8dTu-5IyhTn6-3tmM708FZ_2sUUAzs5z_FkYbspdn0URVA0G0XB8mehkkMjzbAKYDQ8g~~/PTP/ www.techvisions.bid. 300 IN A 104.31.84.184 www.techvisions.bid. 300 IN A 104.31.85.184 tps.buzz. 300 IN A 104.24.124.187 tps.buzz. 300 IN A 104.24.125.187 routernetix.com. 300 IN A 216.52.165.97

Update 2020-05-14 Received: from 058c6be0.boostpowers.us (unknown [50.3.104.50]) Date: Thu, 14 May 2020 07:2x:xx -0700 From: «Claim karambit Black» <ClaimkarambitBlack@boostpowers.us> Subject: Get This Wicked Sharp Knife For Free URL redirects: http://www.boostpowers.us/[] http://tps.buzz/kn/ftbkkt/ https://trk.knxtrk.com/aff_c?offer_id=29&aff_id=1111&aff_sub=FTBKKTP https://www.americangunner.com/blackkarambit?utm_source=konex_A1111&utm_medium=SFTBKKTP_C_T102d39a57f48f7c8e0376cffcf55a4&utm_campaign=O29 www.boostpowers.us. 1423 IN A 192.3.177.217 tps.buzz. 300 IN A 104.24.125.187 tps.buzz. 300 IN A 104.24.124.187 trk.knxtrk.com. 14400 IN CNAME konex-elb.go2cloud.org. konex-elb.go2cloud.org. 60… Читать далее Spamvertised website

Received: from vista.skinnyhome.live (unknown [104.206.97.20]) Date: Thu, 7 May 2020 08:4x:xx -0400 From: «WeBuyHomes4Cash» <WBH4C@skinnyhome.live> Subject: Benefits of WeBuyHomes4Cash vs Traditional Selling URL redirects: URL: http://skinnyhome.live/[] Server IP address is 104.27.167.198 Location: http://specialsoffers.co/clb/wbhp1 Server IP address is 104.28.18.246 Location: https://bit.ly/2YGw6H3 Server IP address is 67.199.248.11 Location: https://m.clickbooth.com/c/aff?lid=846716&subid1=wbhp1&subid2=&subid3=&subid4=&subid5= Server IP address is 18.206.131.237 Location: http://gettingdat.com/?o=565&a=326&subid=846716&subid2=9icuRFM3RBIKpvYuaEemix34jNA&subid3=wbhp1 Server… Читать далее Spamvertised website

Received: from echo.musictoday.icu (unknown [198.55.102.227]) Date: Thu, 7 May 2020 19:5x:xx -0400 From: «TV Caster» <Support@musictoday.icu> Subject: HDMI Miracast Airplay Wireless Dongle Stick for Smartphones and All Smart-TV URL redirects: URL: http://musictoday.icu/[] Server IP address is 104.18.51.28 => Location: https://track.h8m8.com/aff_c?offer_id=4550&aff_id=3013&url_id=[]&aff_sub=[]&aff_sub2=[]&aff_sub3=[] Server IP address is 184.72.2.57 Location: https://www.feedtoday.net/products/tvcast/advertorial?disclaimer=ADVERTORIAL&cop_id=[]&aff_id=3013&txid=[]&offer_id=4550&show_timer={timer}&linkout={linkout}&aff_sub=5297-C2&aff_sub2=KRmaY7&aff_sub3=[]&aff_sub4=&aff_sub5=&aff_click_id=&reviews_off={reviews_off}&recentlybought={recentlybought} Server IP address is 104.24.125.67