Suspected Snowshoe Spam IP Range — Moroccans, maybe?

2022.03.16 The same spammer can be found in:
139.99.136.0/24,
139.99.160.0/24,
51.161.148.0/24

Based on research, analysis of network data, our ‘snowshoe’ spam detection systems, intelligence sources and our experience, Spamhaus believes that this IP address range is being used or is about to be used for the purpose of high volume ‘snowshoe’ spam emission.

As a precaution therefore we are listing this IP range in an SBL Advisory for the protection of Spamhaus users until we are able to determine the extent of the problem in this IP range, the exact size of the problematic IP allocation within this IP range, who is operating the domains/hosts/servers in this IP range, and receive a reassurance from the network owner that the IP range does not and will not pose a threat to Spamhaus users.


Not exactly kosher. The following domains, unrelated to this network, can be seen spamming from here:

51.161.145.12 casacredom.com
51.161.145.13 casacredom.com
51.161.145.14 casacredom.com
51.161.145.20 radiointichile.com
51.161.145.21 radiointichile.com
51.161.145.22 radiointichile.com
51.161.145.27 cofeci.gov.br
51.161.145.28 cofeci.gov.br
51.161.145.29 cofeci.gov.br
51.161.145.63 essbouayach.xyz
51.161.145.74 essbouayach.xyz
51.161.145.128 digitalxin.com
51.161.145.129 digitalxin.com

51.161.145.190 digitalxin.com
51.161.145.191 digitalxin.com
51.161.145.238 essbouayach.xyz
51.161.145.240 expovoyage.website
51.161.145.242 essbouayach.xyz
51.161.145.243 essbouayach.xyz
51.161.145.245 essbouayach.xyz
51.161.145.246 essbouayach.xyz
51.161.145.247 essbouayach.xyz
51.161.145.248 essbouayach.xyz
51.161.145.249 essbouayach.xyz
51.161.145.250 essbouayach.xyz
51.161.145.255 jimdo-server.xyz

The reverse DNS does nothing to assuage the impression that this is all spam, all the time.

Опубликовано
В рубрике ovh.net

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *