Spam Emitters (Labas Group) (Nermeka/Toltrade)

The following IP addresses are sending spam for Labas Group, also known of as Nermeka, Toltrade, Bau Gruppe, and other names as well. Nermeka is a temporary staffing company based in Lithuania that advertises its services by spamming scraped, purchased or appended lists.

Received: from mail0.labas-hire.com (mail0.labas-hire.com [141.95.160.192])

SENDING IPs:

mail0.labas-hire.com 141.95.160.192
mail1.labas-hire.com 178.32.117.122
mail2.labas-hire.com 178.32.122.85
mail3.labas-hire.com 178.32.123.171
mail4.labas-hire.com 178.32.123.172

SPAM SAMPLE:

Received: from mail0.labas-hire.com (mail0.labas-hire.com [141.95.160.192])
Date: Mon, 11 Apr 2022 10:##:## +0000
From: Viktorija <reply@labas-hire.com>
Reply-To: Viktorija <info@hirelabas.com>
Subject: Arbeitnehmerüberlassung

<snip>

Arbeitnehmerüberlassung osteuropäische Mitarbeiter für Produktion Logistik und Weiterverarbeitung
Arbeitnehmerüberlassungs

[ Temporäre Mitarbeitern/innen auf Basis der Zeitarbeit aus Litauen ]
[[ https://mailwizz.zeitarbeits.eu/index.php/campaigns/<x> ]]

<snip>

% Information related to ‘141.95.160.0 — 141.95.160.255’

% Abuse contact for ‘141.95.160.0 — 141.95.160.255’ is ‘abuse@ovh.net’

inetnum: 141.95.160.0 — 141.95.160.255
netname: VPS-GRA8
country: FR
org: ORG-OS3-RIPE
geoloc: 50.98721 2.120542
admin-c: OTC2-RIPE
tech-c: OTC2-RIPE
status: ASSIGNED PA
mnt-by: OVH-MNT
created: 2021-11-26T16:03:07Z
last-modified: 2021-11-26T16:03:07Z
source: RIPE

organisation: ORG-OS3-RIPE
org-name: OVH SAS
country: FR
org-type: LIR
address: 2 rue Kellermann
address: 59100
address: Roubaix
address: FRANCE
phone: +33972101007
admin-c: OTC2-RIPE
admin-c: OK217-RIPE
admin-c: GM84-RIPE
abuse-c: AR15333-RIPE
mnt-ref: OVH-MNT
mnt-ref: RIPE-NCC-HM-MNT
mnt-by: RIPE-NCC-HM-MNT
mnt-by: OVH-MNT
created: 2004-04-17T11:23:17Z
last-modified: 2020-12-16T10:24:51Z
source: RIPE # Filtered

role: OVH Technical Contact
address: OVH SAS
address: 2 rue Kellermann
address: 59100 Roubaix
address: France
admin-c: OK217-RIPE
tech-c: GM84-RIPE
tech-c: SL10162-RIPE
nic-hdl: OTC2-RIPE
abuse-mailbox: abuse@ovh.net
mnt-by: OVH-MNT
created: 2004-01-28T17:42:29Z
last-modified: 2014-09-05T10:47:15Z
source: RIPE # Filtered

% Information related to ‘141.95.128.0/17AS16276’

route: 141.95.128.0/17
origin: AS16276
mnt-by: OVH-MNT
created: 2021-09-30T13:59:47Z
last-modified: 2021-09-30T13:59:47Z
source: RIPE

% Information related to ‘178.32.96.0 — 178.32.127.255’

% Abuse contact for ‘178.32.96.0 — 178.32.127.255’ is ‘abuse@ovh.net’

inetnum: 178.32.96.0 — 178.32.127.255
netname: OVH
descr: OVH SAS
descr: Dedicated Servers
descr: http://www.ovh.com
country: FR
admin-c: OK217-RIPE
tech-c: OTC2-RIPE
status: ASSIGNED PA
mnt-by: OVH-MNT
created: 2010-03-19T17:06:09Z
last-modified: 2010-03-19T17:06:09Z
source: RIPE

role: OVH Technical Contact
address: OVH SAS
address: 2 rue Kellermann
address: 59100 Roubaix
address: France
admin-c: OK217-RIPE
tech-c: GM84-RIPE
tech-c: SL10162-RIPE
nic-hdl: OTC2-RIPE
abuse-mailbox: abuse@ovh.net
mnt-by: OVH-MNT
created: 2004-01-28T17:42:29Z
last-modified: 2014-09-05T10:47:15Z
source: RIPE # Filtered

person: Octave Klaba
address: OVH SAS
address: 2 rue Kellermann
address: 59100 Roubaix
address: France
phone: +33 9 74 53 13 23
nic-hdl: OK217-RIPE
mnt-by: OVH-MNT
created: 1970-01-01T00:00:00Z
last-modified: 2017-10-30T21:44:51Z
source: RIPE # Filtered

% Information related to ‘178.32.0.0/15AS16276’

route: 178.32.0.0/15
descr: OVH ISP
descr: Paris, France
origin: AS16276
mnt-by: OVH-MNT
created: 2010-01-19T16:39:43Z
last-modified: 2010-01-19T16:39:43Z
source: RIPE # Filtered

Domain Name: hirelabas.com
Registry Domain ID: 2118448724_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.godaddy.com
Registrar URL: https://www.godaddy.com
Updated Date: 2021-04-26T10:41:07Z
Creation Date: 2017-04-28T01:34:36Z
Registrar Registration Expiration Date: 2024-04-28T01:34:36Z
Registrar: GoDaddy.com, LLC
Registrar IANA ID: 146
Registrar Abuse Contact Email: abuse@godaddy.com
Registrar Abuse Contact Phone: +1.4806242505
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
Domain Status: clientRenewProhibited https://icann.org/epp#clientRenewProhibited
Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
Registry Registrant ID: Not Available From Registry
Registrant Name: Registration Private
Registrant Organization: Domains By Proxy, LLC
Registrant Street: DomainsByProxy.com
Registrant Street: 2155 E Warner Rd
Registrant City: Tempe
Registrant State/Province: Arizona
Registrant Postal Code: 85284
Registrant Country: US
Registrant Phone: +1.4806242599
Registrant Phone Ext:
Registrant Fax: +1.4806242598
Registrant Fax Ext:
Registrant Email: Select Contact Domain Holder link at https://www.godaddy.com/whois/results.aspx?domain=hirelabas.com
Registry Tech ID: Not Available From Registry
Tech Name: Registration Private
Tech Organization: Domains By Proxy, LLC
Tech Street: DomainsByProxy.com
Tech Street: 2155 E Warner Rd
Tech City: Tempe
Tech State/Province: Arizona
Tech Postal Code: 85284
Tech Country: US
Tech Phone: +1.4806242599
Tech Phone Ext:
Tech Fax: +1.4806242598
Tech Fax Ext:
Tech Email: Select Contact Domain Holder link at https://www.godaddy.com/whois/results.aspx?domain=hirelabas.com
Registry Admin ID: Not Available From Registry
Admin Name: Registration Private
Admin Organization: Domains By Proxy, LLC
Admin Street: DomainsByProxy.com
Admin Street: 2155 E Warner Rd
Admin City: Tempe
Admin State/Province: Arizona
Admin Postal Code: 85284
Admin Country: US
Admin Phone: +1.4806242599
Admin Phone Ext:
Admin Fax: +1.4806242598
Admin Fax Ext:
Admin Email: Select Contact Domain Holder link at https://www.godaddy.com/whois/results.aspx?domain=hirelabas.com
Name Server: NS33.DOMAINCONTROL.COM
Name Server: NS34.DOMAINCONTROL.COM
DNSSEC: unsigned

Domain Name: LABAS-HIRE.COM
Registry Domain ID: 2365416268_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.tucows.com
Registrar URL: http://tucowsdomains.com
Updated Date: 2022-03-30T16:04:40
Creation Date: 2019-03-02T08:12:03
Registrar Registration Expiration Date: 2023-03-02T08:12:03
Registrar: TUCOWS, INC.
Registrar IANA ID: 69
Reseller: SiteGround Spain S.L.
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
Registry Registrant ID:
Registrant Name: Contact Privacy Inc. Customer 0154108614
Registrant Organization: Contact Privacy Inc. Customer 0154108614
Registrant Street: 96 Mowat Ave
Registrant City: Toronto
Registrant State/Province: ON
Registrant Postal Code: M6K 3M1
Registrant Country: CA
Registrant Phone: +1.4165385457
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: labas-hire.com@contactprivacy.com
Registry Admin ID:
Admin Name: Contact Privacy Inc. Customer 0154108614
Admin Organization: Contact Privacy Inc. Customer 0154108614
Admin Street: 96 Mowat Ave
Admin City: Toronto
Admin State/Province: ON
Admin Postal Code: M6K 3M1
Admin Country: CA
Admin Phone: +1.4165385457
Admin Phone Ext:
Admin Fax:
Admin Fax Ext:
Admin Email: labas-hire.com@contactprivacy.com
Registry Tech ID:
Tech Name: Contact Privacy Inc. Customer 0154108614
Tech Organization: Contact Privacy Inc. Customer 0154108614
Tech Street: 96 Mowat Ave
Tech City: Toronto
Tech State/Province: ON
Tech Postal Code: M6K 3M1
Tech Country: CA
Tech Phone: +1.4165385457
Tech Phone Ext:
Tech Fax:
Tech Fax Ext:
Tech Email: labas-hire.com@contactprivacy.com
Name Server: lila.ns.cloudflare.com
Name Server: ethan.ns.cloudflare.com
DNSSEC: unsigned

Опубликовано
В рубрике ovh.net

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *