Spamvertised website

Received: from 058c73ee.superdealin.buzz (unknown [104.148.28.124]) Date: Wed, 30 Sep 2020 01:2x:xx -0700 From: «Personal dating assistant» <Personaldatingassistant@superdealin.buzz> Subject: Thousands of new babes. Chat now! http://www.superdealin.buzz/l/[] Server IP address is 104.27.135.55 => http://www.superdealin.buzz/[]/index.htm Server IP address is 104.27.135.55 => http://trustedproduct.net/id/cmtp/ Server IP address is 172.67.141.214 => https://www.bunheadil.com/-ygB2i9HTevBssmOZ1BKCll6GTDea4zB4OQqRIJX6-3RWySutfUz6rX0QmYTV-UNBt7uwq1Lc2dAj6jdhVzAeQ~~/CMTP// Server IP address is 161.129.67.112

Repeated spamming using sharepoint.com links to hide behind: cindymatches.com

https://skycollegeus-my.sharepoint.com/:w:/g/personal/erinbrown2_skycollegeus_onmicrosoft_com/EWPzum6lPlBPkRyzKH8tZH8BdEeJ-h0VTI1tMGE0AhZgGw?e=4%3alBei7j&at=9 >>> https://cldrg.com/?a=xx&c=xx&s1=love Meta-Refresh https://cldrg.com?a=xx&c=xx&oc=xx&sr=t&s1=love&vt=xx&h=xx&req=https%3A%2F%2Fcldrg.com%2F%3Fa%3D115981%26c%3D162792%26s1%3Dlove&us=00000000000000000000000000000000 302 Redirect https://matchjunkie.com/dclick?campaign_id=cm_cdd2&s2=xx&s3=xx&lb=1&oid=xx 302 Redirect https://cindymatches.com/?s1=fwe&s3=cmcdd2 cldrg.com. 59 IN A 52.2.252.34 cldrg.com. 59 IN A 3.220.160.66 cldrg.com. 59 IN A 54.173.242.210 cldrg.com. 59 IN A 54.84.245.233 matchjunkie.com. 299 IN A 104.27.129.129 matchjunkie.com. 299 IN A 104.27.128.129 matchjunkie.com. 299 IN A 172.67.194.64 cindymatches.com. 299 IN A 172.67.74.62 cindymatches.com. 299 IN A… Читать далее Repeated spamming using sharepoint.com links to hide behind: cindymatches.com

Spamvertised website

Received: from prep.poweriest.buzz (unknown [104.148.28.50]) Date: Fri, 2 Oct 2020 12:2x:xx -0400 From: «Your Flipbook» <FlipbookTechnology@poweriest.buzz> Subject: Discover The NEW WAY To Share And Monetize Your Ebooks URL: http://poweriest.buzz/[] Server IP address is 104.24.104.198 => Location: http://weaklydeal.com/jv/sqp1 Server IP address is 104.28.16.238 => Location: https://jvz8.com/c/403007/283873 Server IP address is 172.67.151.98

Spamvertised website

Received: from prep.poweriest.buzz (unknown [104.148.28.50]) Date: Fri, 2 Oct 2020 12:2x:xx -0400 From: «Your Flipbook» <FlipbookTechnology@poweriest.buzz> Subject: Discover The NEW WAY To Share And Monetize Your Ebooks URL: http://poweriest.buzz/[] Server IP address is 104.24.104.198 => Location: http://weaklydeal.com/jv/sqp1 Server IP address is 104.28.16.238 => Location: https://jvz8.com/c/403007/283873 Server IP address is 172.67.151.98

Spamvertised website

Received: from mail.amazon.com (v163-44-151-91.a00c.g.sin1.static.cnode.io [163.44.151.91]) From: «RAY-BAN» <notice@amazon.com> Date: 2 Oct 2020 21:2x:xx +0000 Subject: Yearly Clearance Gobble Up These Deals! https://mail.kgr9hq.com/SubscribeClick.aspx?7[] => https://www.rbgxo.com/ mail.kgr9hq.com. 300 IN A 104.28.18.120 mail.kgr9hq.com. 300 IN A 172.67.135.136 mail.kgr9hq.com. 300 IN A 104.28.19.120 www.rbgxo.com. 300 IN A 104.18.46.173 www.rbgxo.com. 300 IN A 104.18.47.173 www.rbgxo.com. 300 IN A 172.67.181.119

Zoltán Zarka

Received: from smtppmtaalltoolsseller.xyz (hwsrv-784858.hostwindsdns.com [192.255.166.122]) by [] with ESMTP id [] for []; Sun, 4 Oct 2020 19:5x:xx +0200 (CEST) Received: from 193.169.253.88 (unknown [193.169.253.88]) (Authenticated sender: alltools14) by smtppmtaalltoolsseller.xyz (Postfix) with ESMTPA id [] for []; Sun, 4 Oct 2020 13:1x:xx -0500 (CDT) From: «Domain Notice» <alltools14@smtppmtaalltoolsseller.xyz> Subject: Domain Notification for [] : This… Читать далее Zoltán Zarka

3rd strike: spamming using sharepoint.com links to hide behind: hookupshub.com

https://skycollegeus-my.sharepoint.com/:w:/g/personal/erinbrown2_skycollegeus_onmicrosoft_com/EWPzum6lPlBPkRyzKH8tZH8BdEeJ-h0VTI1tMGE0AhZgGw?e=4%3alBei7j&at=9 >>> http://track.kcheck43.com/click?pid=502&offer_id=516&sub1=mp 302 Redirect https://convertable.io/smartlink/8fcd4d88-c5f0-4151-b07e-8613b1b5e6c2?source=502&uid=5f7ab36e96c6540001d26cec&pub=1041 302 Redirect https://x.pathtrk.com/c9b1b451-4697-4187-b6d5-64c75624f57b?pub=1041&source=502&uid=5f7ab36e96c6540001d26cec&cs_id=64393edc-c8b3-4c58-9f9f-bbd344376859 302 Redirect https://www.hookupshub.com/x/hye354y/?cep=nr5dW9_tlB2vhnLHRMUj3P-yxD9blDqPVLSX5omAdpWq2gvd2bLn1nsMPmimWX—tl2unILct62x9s4crKfQz1Gy68B8iyXRwoXo_NKYoLvRYuD8t8hPMATkpoOMmJT3bkkOXzlylV7ZIARr73CPDLXqNK4iIiYu2Vh_o3M9pxjjzc2ukGf3A76iZGyyX6Nsl44Lr6lT5S-EyB5RRZx83SB7c5mgBjAjjSu46dvYcPpQhRkGYhXpks5wiIxWEij1WH7ik0_5tE6nY91QAHWZzJsAqwQQ_1la2IDIxHbhRIKi4JiJnkYj7CULtZ1K90YRp3NRE8rgCaN8f7Qw7-9FcJfoqYfr5Nuvs2AThtQGlBsM5k3uGrWlQ0MRYw4g5dFxzWpsPPAITTtb1HYNhc6157wXDZ5jqYkg71veIdgyhtypVzJqncDYkg5ceANiXJr3JhtEBdDlROUW5rjpJh1cIKE0DRNfdKVqkA3FWZDwBis&lptoken=162d012e8729865647a7&pub=1041&source=502&uid=5f7ab36e96c6540001d26cec&cs_id=64393edc-c8b3-4c58-9f9f-bbd344376859 track.kcheck43.com. 13640 IN CNAME bilbono.g2afse.com. bilbono.g2afse.com. 3599 IN CNAME bilbono.affise.com. bilbono.affise.com. 299 IN A 212.32.254.138 convertable.io. 59 IN A 52.3.146.214 convertable.io. 59 IN A 52.201.128.231 x.pathtrk.com. 299 IN CNAME cayield-jostiny.com. cayield-jostiny.com. 59 IN A 13.56.31.93 www.hookupshub.com. 174 IN A 104.18.56.244 www.hookupshub.com. 174 IN… Читать далее 3rd strike: spamming using sharepoint.com links to hide behind: hookupshub.com