This IP address hosts the A record and website of the domain reklaimyou.com. This domain is spamming heavily through direct bulk email sender @Mail250. Received: from sfr57.top (sfr57.top [51.79.69.115]) Date: Mon, 31 Jan 2022 00:##:## +0530 From: Reklaim <hello@reklaimyou.com> Subject: Your consent is required <snip> [Take back what is yours.] [[ URI: https://smtracking.reklaimyou.com/track/click/<x> Redirects to… Читать далее reklaimyou.com (Reklaim)
Malware botnet controller @172.67.202.104
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 172.67.202.104 on port 80 (using HTTP GET): hXXp://hornygl.xyz/addInstall.php $ dig +short hornygl.xyz 172.67.202.104 Referencing malware binaries (MD5 hash): 00ffe9c9aa3975d6acc495795b775cf3 — AV detection:… Читать далее Malware botnet controller @172.67.202.104
SMS Spammer hosting
SMS Spammed URL: https://aircloak.co/[] Looks like a URL shortener, but all URLs redirect to https://newsfor24x7.com/lean/[] aircloak.co. 143 IN A 172.67.223.45 aircloak.co. 143 IN A 104.21.38.139 newsfor24x7.com. 300 IN A 172.67.194.201 newsfor24x7.com. 300 IN A 104.21.52.36 — Domain Name: aircloak.co Registry Domain ID: DC5DBB495F5274DEA959A0F9EEFC612A9-GDREG Registrar WHOIS Server: Registrar URL: www.ownregistrar.com Updated Date: 2022-01-27T11:31:14Z Creation Date: 2021-07-28T18:18:55Z… Читать далее SMS Spammer hosting
SMS Spammer hosting
SMS Spammed URL: https://aircloak.co/[] Looks like a URL shortener, but all URLs redirect to https://newsfor24x7.com/lean/[] aircloak.co. 143 IN A 172.67.223.45 aircloak.co. 143 IN A 104.21.38.139 newsfor24x7.com. 300 IN A 172.67.194.201 newsfor24x7.com. 300 IN A 104.21.52.36 — Domain Name: aircloak.co Registry Domain ID: DC5DBB495F5274DEA959A0F9EEFC612A9-GDREG Registrar WHOIS Server: Registrar URL: www.ownregistrar.com Updated Date: 2022-01-27T11:31:14Z Creation Date: 2021-07-28T18:18:55Z… Читать далее SMS Spammer hosting
SMS Spammer hosting
SMS Spammed URL: https://aircloak.co/[] Looks like a URL shortener, but all URLs redirect to https://newsfor24x7.com/lean/[] aircloak.co. 143 IN A 172.67.223.45 aircloak.co. 143 IN A 104.21.38.139 newsfor24x7.com. 300 IN A 172.67.194.201 newsfor24x7.com. 300 IN A 104.21.52.36 — Domain Name: aircloak.co Registry Domain ID: DC5DBB495F5274DEA959A0F9EEFC612A9-GDREG Registrar WHOIS Server: Registrar URL: www.ownregistrar.com Updated Date: 2022-01-27T11:31:14Z Creation Date: 2021-07-28T18:18:55Z… Читать далее SMS Spammer hosting
SMS Spammer hosting
SMS Spammed URL: https://aircloak.co/[] Looks like a URL shortener, but all URLs redirect to https://newsfor24x7.com/lean/[] aircloak.co. 143 IN A 172.67.223.45 aircloak.co. 143 IN A 104.21.38.139 newsfor24x7.com. 300 IN A 172.67.194.201 newsfor24x7.com. 300 IN A 104.21.52.36 — Domain Name: aircloak.co Registry Domain ID: DC5DBB495F5274DEA959A0F9EEFC612A9-GDREG Registrar WHOIS Server: Registrar URL: www.ownregistrar.com Updated Date: 2022-01-27T11:31:14Z Creation Date: 2021-07-28T18:18:55Z… Читать далее SMS Spammer hosting
Spam Hosting (traincpe.com) (Pioneer Educator)
1/31/2022: This spam domain has been moved to Cloudflare, masking its real location, after Newfold (Endurance) terminated services to it. Cloudflare, please do not allow it to abuse your resources. $ host traincpe.com traincpe.com has address 172.67.157.197 traincpe.com has address 104.21.90.147 traincpe.com has IPv6 address 2606:4700:3034::6815:5a93 traincpe.com has IPv6 address 2606:4700:3036::ac43:9dc5 traincpe.com mail is handled… Читать далее Spam Hosting (traincpe.com) (Pioneer Educator)
Spam Hosting (traincpe.com) (Pioneer Educator)
1/31/2022: This spam domain has been moved to Cloudflare, masking its real location, after Newfold (Endurance) terminated services to it. Cloudflare, please do not allow it to abuse your resources. $ host traincpe.com traincpe.com has address 172.67.157.197 traincpe.com has address 104.21.90.147 traincpe.com has IPv6 address 2606:4700:3034::6815:5a93 traincpe.com has IPv6 address 2606:4700:3036::ac43:9dc5 traincpe.com mail is handled… Читать далее Spam Hosting (traincpe.com) (Pioneer Educator)
Spamvertised websites
Received: from DM5PR16CA0038.namprd16.prod.outlook.com (2603:10b6:4:15::24) From: «Amazing Deals» <[]@[].s100viewpoints.com> Subject: 𝖡𝖮𝖭𝖴𝖲: $𝟧𝟢 𝖠𝖼𝖾 𝖧𝖺𝗋𝖽𝗐𝖺𝗋𝖾 𝖦𝗂𝖿𝗍 𝖢𝖺𝗋𝖽 𝖮𝗉𝗉𝗈𝗋𝗍𝗎𝗇𝗂𝗍𝗒 Date: Thu, 03 Feb 2022 02:3x:xx +0000 http://s100viewpoints.com/[] 159.223.48.46 https://bgoleblnkt.com/?E=[] 208.91.105.3 https://fourtnthone.com/?E=[]s 208.91.105.3 http://wkhar.com/aff_c?offer_id=437&aff_id=1189&aff_sub=acehardware&aff_sub2=[]&aff_sub3=704499&aff_sub4=[] 172.67.180.20 https://savermanagement.ru/gupe/sivihi/gesu/index.php?rpclk=[] 172.67.208.106
spam source
[!] This SBL record is to show an example of ongoing network abuse. It currently is not being published in the SBL list, but is instead being presented on the webpage so that the network owner has evidence to investigate and correct the problem. w 54.240.11.6 a11-6.smtp-out.amazonses.com «a11-6.smtp-out.amazonses.com» 2022-01-16T22:50:00Z (+/-10 min) w 54.240.11.73 a11-73.smtp-out.amazonses.com «a11-73.smtp-out.amazonses.com»… Читать далее spam source