We get many fraudulent bitcoin spam mails from the same server group 45.144.215.0 - 45.144.215.255.
Each time, another IP from that group is beeing used - abuse contact for all used servers is ralfnoack1982@gmail.com. I suppose, this could be the spammer himself, since reporting is beeing ignored.
What kind of reporting makes sense in this case? I allready figured out, that the servers are hosted by nshostu.ru - so i instead started to send my reporting to abuse@nshostu.ru. Any other ideas?
Thanks for your help!
Best regards
Sam
This one of many exampels:
Tracking message source: 45.144.215.62:
Routing details for 45.144.215.62[refresh/show] Cached whois for 45.144.215.62 : ralfnoack1982@gmail.comUsing last resort contacts ralfnoack1982@gmail.com
Yum, this spam is fresh!
Message is 0 hours old45.144.215.62 not listed in cbl.abuseat.org45.144.215.62 not listed in dnsbl.sorbs.net45.144.215.62 not listed in accredit.habeas.com45.144.215.62 not listed in plus.bondedsender.org45.144.215.62 not listed in iadb.isipp.com