my-cpe.com (MyCPE) (repeat spam)

The domain my-cpe.com (MyCPE) is sending spam to Spamhaus spamtraps. This domain has been listed in the Spamhaus DBL previously, and spam cleared up for a few weeks, but it’s back.

The spam we see from my-cpe.com is generally sent through a third party, presumably hired by MyCPE. Today’s spams were sent through Benchmark Email, a respected email service provider. The footer indicates that an entity called «Brown Accounting LLC» supposedly sent the spam.

As usual, we remind MyCPE and other businesses that they are responsible for what third party companies that they hire, or that are hired on their behalf, do in their name.

SPAM SAMPLE:

Received: from pmta604.dedicated.bmsend.com (pmta604.dedicated.bmsend.com [12.174.236.139])
Date: Mon, 08 Nov 2021 10:46:31 -0500
From: Bob Willson <info@freecpewebinar.com>
Subject: Exclusive Unlimited CPE Access only @299

<snip>

They say if you fulfilled your continuing education requirements without challenges, then probably you haven’t got them all.

<snip>

Team myCPE
www.my-cpe.com

Feel free to contact us on support@my-cpe.com if you have any questions.

<snip>

You are receiving this email because of your relationship with Brown Accounting LLP. Please reconfirm your interest in receiving emails from us.

<snip>

HOST LOOKUP:

$ host my-cpe.com
my-cpe.com has address 13.249.25.20
my-cpe.com has address 13.249.25.101
my-cpe.com has address 13.249.25.75
my-cpe.com has address 13.249.25.83
my-cpe.com mail is handled by 0 mycpe-com0e.mail.protection.outlook.com.

WHOIS:

# start

NetRange: 13.244.0.0 — 13.251.255.255
CIDR: 13.248.0.0/14, 13.244.0.0/14
NetName: AT-88-Z
NetHandle: NET-13-244-0-0-1
Parent: NET13 (NET-13-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Amazon Technologies Inc. (AT-88-Z)
RegDate: 2018-07-11
Updated: 2021-02-10
Ref: https://rdap.arin.net/registry/ip/13.244.0.0

OrgName: Amazon Technologies Inc.
OrgId: AT-88-Z
Address: 410 Terry Ave N.
City: Seattle
StateProv: WA
PostalCode: 98109
Country: US
RegDate: 2011-12-08
Updated: 2021-07-28
Comment: All abuse reports MUST include:
Comment: * src IP
Comment: * dest IP (your IP)
Comment: * dest port
Comment: * Accurate date/timestamp and timezone of activity
Comment: * Intensity/frequency (short log extracts)
Comment: * Your contact details (phone and email) Without these we will be unable to identify the correct owner of the IP address at that point in time.
Ref: https://rdap.arin.net/registry/entity/AT-88-Z

OrgNOCHandle: AANO1-ARIN
OrgNOCName: Amazon AWS Network Operations
OrgNOCPhone: +1-206-266-4064
OrgNOCEmail: amzn-noc-contact@amazon.com
OrgNOCRef: https://rdap.arin.net/registry/entity/AANO1-ARIN

OrgAbuseHandle: AEA8-ARIN
OrgAbuseName: Amazon EC2 Abuse
OrgAbusePhone: +1-206-266-4064
OrgAbuseEmail: abuse@amazonaws.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/AEA8-ARIN

OrgRoutingHandle: ARMP-ARIN
OrgRoutingName: AWS RPKI Management POC
OrgRoutingPhone: +1-206-266-4064
OrgRoutingEmail: aws-rpki-routing-poc@amazon.com
OrgRoutingRef: https://rdap.arin.net/registry/entity/ARMP-ARIN

OrgTechHandle: ANO24-ARIN
OrgTechName: Amazon EC2 Network Operations
OrgTechPhone: +1-206-266-4064
OrgTechEmail: amzn-noc-contact@amazon.com
OrgTechRef: https://rdap.arin.net/registry/entity/ANO24-ARIN

OrgRoutingHandle: IPROU3-ARIN
OrgRoutingName: IP Routing
OrgRoutingPhone: +1-206-266-4064
OrgRoutingEmail: aws-routing-poc@amazon.com
OrgRoutingRef: https://rdap.arin.net/registry/entity/IPROU3-ARIN

# end

# start

NetRange: 13.249.0.0 — 13.249.255.255
CIDR: 13.249.0.0/16
NetName: AMAZO-CF
NetHandle: NET-13-249-0-0-1
Parent: AT-88-Z (NET-13-244-0-0-1)
NetType: Reallocated
OriginAS:
Organization: Amazon.com, Inc. (AMAZON-4)
RegDate: 2020-05-19
Updated: 2021-02-10
Ref: https://rdap.arin.net/registry/ip/13.249.0.0

OrgName: Amazon.com, Inc.
OrgId: AMAZON-4
Address: 1918 8th Ave
City: SEATTLE
StateProv: WA
PostalCode: 98101-1244
Country: US
RegDate: 1995-01-23
Updated: 2021-07-22
Ref: https://rdap.arin.net/registry/entity/AMAZON-4

OrgRoutingHandle: ARMP-ARIN
OrgRoutingName: AWS RPKI Management POC
OrgRoutingPhone: +1-206-266-4064
OrgRoutingEmail: aws-rpki-routing-poc@amazon.com
OrgRoutingRef: https://rdap.arin.net/registry/entity/ARMP-ARIN

OrgNOCHandle: AANO1-ARIN
OrgNOCName: Amazon AWS Network Operations
OrgNOCPhone: +1-206-266-4064
OrgNOCEmail: amzn-noc-contact@amazon.com
OrgNOCRef: https://rdap.arin.net/registry/entity/AANO1-ARIN

OrgAbuseHandle: AEA8-ARIN
OrgAbuseName: Amazon EC2 Abuse
OrgAbusePhone: +1-206-266-4064
OrgAbuseEmail: abuse@amazonaws.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/AEA8-ARIN

OrgRoutingHandle: IPROU3-ARIN
OrgRoutingName: IP Routing
OrgRoutingPhone: +1-206-266-4064
OrgRoutingEmail: aws-routing-poc@amazon.com
OrgRoutingRef: https://rdap.arin.net/registry/entity/IPROU3-ARIN

OrgTechHandle: ANO24-ARIN
OrgTechName: Amazon EC2 Network Operations
OrgTechPhone: +1-206-266-4064
OrgTechEmail: amzn-noc-contact@amazon.com
OrgTechRef: https://rdap.arin.net/registry/entity/ANO24-ARIN

Domain Name: my-cpe.com
Registry Domain ID: 2318933209_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.godaddy.com
Registrar URL: http://www.godaddy.com
Updated Date: 2019-05-15T22:29:55Z
Creation Date: 2018-10-08T04:48:14Z
Registrar Registration Expiration Date: 2022-10-08T04:48:14Z
Registrar: GoDaddy.com, LLC
Registrar IANA ID: 146
Registrar Abuse Contact Email: abuse@godaddy.com
Registrar Abuse Contact Phone: +1.4806242505
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
Domain Status: clientRenewProhibited https://icann.org/epp#clientRenewProhibited
Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
Registry Registrant ID: Not Available From Registry
Registrant Name: Registration Private
Registrant Organization: Domains By Proxy, LLC
Registrant Street: DomainsByProxy.com
Registrant Street: 2155 E Warner Rd
Registrant City: Tempe
Registrant State/Province: Arizona
Registrant Postal Code: 85284
Registrant Country: US
Registrant Phone: +1.4806242599
Registrant Phone Ext:
Registrant Fax: +1.4806242598
Registrant Fax Ext:
Registrant Email: my-cpe.com@domainsbyproxy.com
Registry Tech ID: Not Available From Registry
Tech Name: Registration Private
Tech Organization: Domains By Proxy, LLC
Tech Street: DomainsByProxy.com
Tech Street: 2155 E Warner Rd
Tech City: Tempe
Tech State/Province: Arizona
Tech Postal Code: 85284
Tech Country: US
Tech Phone: +1.4806242599
Tech Phone Ext:
Tech Fax: +1.4806242598
Tech Fax Ext:
Tech Email: my-cpe.com@domainsbyproxy.com
Registry Admin ID: Not Available From Registry
Admin Name: Registration Private
Admin Organization: Domains By Proxy, LLC
Admin Street: DomainsByProxy.com
Admin Street: 2155 E Warner Rd
Admin City: Tempe
Admin State/Province: Arizona
Admin Postal Code: 85284
Admin Country: US
Admin Phone: +1.4806242599
Admin Phone Ext:
Admin Fax: +1.4806242598
Admin Fax Ext:
Admin Email: my-cpe.com@domainsbyproxy.com
Name Server: NS-1600.AWSDNS-08.CO.UK
Name Server: NS-1051.AWSDNS-03.ORG
Name Server: NS-958.AWSDNS-55.NET
Name Server: NS-146.AWSDNS-18.COM

Опубликовано
В рубрике amazon.com

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *