I am sure we have all seen these guys..
Jul 14 09:28:07 be msd[39322]: EHLO command received, args:
smtpout441.sonicleads..io
Jul 14 09:28:07 be msd[39322]: MAIL command received, args:
FROM:<[email protected]>
Jul 14 09:28:07 be msd[39322]: RCPT command received (47.74.71.30),
args: TO:<[email protected]>
Seems they have moved from Azure to Alibaba IP Space..
We are noticing more and more activity from Alibaba Cloud targeting
North American targets recently, wonder why the new preference..
147.139.134.202 3 smtpout437.sonicleads.io
147.139.134.90 2 smtpout436.sonicleads.io
147.139.180.57 2 smtpout439.sonicleads.io
147.139.183.34 3 smtpout430.sonicleads.io
147.139.188.207 3 smtpout435.sonicleads.io
147.139.191.103 5 smtpout432.sonicleads.io
147.139.191.134 2 smtpout438.sonicleads.io
149.129.238.232 2 smtpout434.sonicleads.io
149.129.248.235 3 smtpout433.sonicleads.io
161.117.225.20 1 smtpout457.sonicleads.io
198.11.178.225 1 smtpout467.sonicleads.io
47.241.16.97 1 smtpout455.sonicleads.io
47.241.199.146 2 smtpout456.sonicleads.io
47.241.235.177 4 smtpout452.sonicleads.io
47.241.242.44 1 smtpout450.sonicleads.io
47.241.42.10 2 smtpout459.sonicleads.io
47.252.33.142 6 smtpout499.sonicleads.io
47.252.33.159 4 smtpout429.sonicleads.io
47.252.33.97 2 smtpout492.sonicleads.io
47.252.37.114 3 smtpout491.sonicleads.io
47.252.40.18 3 smtpout427.sonicleads.io
47.252.41.246 2 smtpout493.sonicleads.io
47.252.43.229 3 smtpout495.sonicleads.io
47.252.44.109 2 smtpout496.sonicleads.io
47.253.101.43 4 smtpout426.sonicleads.io
47.253.34.27 1 smtpout497.sonicleads.io
47.253.51.162 3 smtpout494.sonicleads.io
47.253.53.30 5 smtpout420.sonicleads.io
47.253.57.23 4 smtpout422.sonicleads.io
47.253.57.250 5 smtpout498.sonicleads.io
47.253.59.119 2 smtpout423.sonicleads.io
47.253.60.142 2 smtpout428.sonicleads.io
47.254.128.188 4 smtpout479.sonicleads.io
47.254.132.162 2 smtpout400.sonicleads.io
47.254.146.137 4 smtpout478.sonicleads.io
47.254.152.255 3 smtpout407.sonicleads.io
47.254.153.214 1 smtpout404.sonicleads.io
47.254.158.52 5 smtpout474.sonicleads.io
47.254.172.108 2 smtpout473.sonicleads.io
47.254.173.150 2 smtpout408.sonicleads.io
47.254.173.241 2 smtpout476.sonicleads.io
47.254.175.142 3 smtpout402.sonicleads.io
47.254.32.203 7 smtpout464.sonicleads.io
47.254.37.80 4 smtpout460.sonicleads.io
47.254.79.186 4 smtpout465.sonicleads.io
47.254.82.112 1 smtpout461.sonicleads.io
47.254.89.29 8 smtpout468.sonicleads.io
47.74.65.33 2 smtpout447.sonicleads.io
47.74.67.62 3 smtpout448.sonicleads.io
47.88.30.160 9 smtpout462.sonicleads.io
47.89.225.111 4 smtpout463.sonicleads.io
47.89.251.204 4 smtpout469.sonicleads.io
47.89.251.229 3 smtpout466.sonicleads.io
47.90.177.182 3 smtpout424.sonicleads.io
47.90.207.7 3 smtpout490.sonicleads.io
47.90.222.239 5 smtpout425.sonicleads.io
47.90.223.214 6 smtpout421.sonicleads.io
47.91.44.68 1 smtpout440.sonicleads.io
47.91.56.161 1 smtpout449.sonicleads.io
47.91.57.235 4 smtpout443.sonicleads.io
47.91.78.250 6 smtpout472.sonicleads.io
47.91.92.189 1 smtpout406.sonicleads.io
47.91.92.36 2 smtpout471.sonicleads.io
8.208.16.112 3 smtpout482.sonicleads.io
8.208.16.69 1 smtpout484.sonicleads.io
8.208.22.202 2 smtpout487.sonicleads.io
8.208.77.234 5 smtpout489.sonicleads.io
8.208.79.86 2 smtpout485.sonicleads.io
8.208.84.136 3 smtpout417.sonicleads.io
8.208.84.86 1 smtpout481.sonicleads.io
8.208.84.98 3 smtpout411.sonicleads.io
8.208.86.112 13 smtpout412.sonicleads.io
8.208.87.136 2 smtpout488.sonicleads.io
8.208.9.14 2 smtpout486.sonicleads.io
8.208.91.7 2 smtpout483.sonicleads.io
8.208.92.254 8 smtpout415.sonicleads.io
8.208.94.161 2 smtpout413.sonicleads.io
8.208.94.56 4 smtpout418.sonicleads.io
8.209.65.128 2 smtpout405.sonicleads.io
8.209.66.142 2 smtpout409.sonicleads.io
8.209.66.53 2 smtpout470.sonicleads.io
8.209.68.11 3 smtpout403.sonicleads.io
8.209.71.103 4 smtpout401.sonicleads.io
8.209.71.147 4 smtpout477.sonicleads.io
8.211.193.139 1 smtpout419.sonicleads.io
8.211.195.146 4 smtpout410.sonicleads.io
8.214.20.185 1 smtpout458.sonicleads.io
8.214.25.75 1 smtpout453.sonicleads.io
8.214.26.175 1 smtpout451.sonicleads.io
8.214.27.183 4 smtpout454.sonicleads.io
--
"Catch the Magic of Linux..."
------------------------------------------------------------------------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.
------------------------------------------------------------------------
604-682-0300 Beautiful British Columbia, Canada
This email and any electronic data contained are confidential and intended
solely for the use of the individual or entity to which they are addressed.
Please note that any views or opinions presented in this email are solely
those of the author and are not intended to represent those of the company.
_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop
