New TLD .GQ Equatorial Guinea, .CF, .TK, .ML

Spammers should not profit, so post information here that hits their pockets. There are many ways to fight spammers, and we have automation tools to combat them efficiently. These forums are moderated, but do not reflect the views of the hosting company, domain registrar, etc. By entering any of these forums, you agree that you cannot hold anyone liable for anything related in any way to these forums.

New TLD .GQ Equatorial Guinea, .CF, .TK, .ML

Postby Red Dwarf » Tue Oct 20, 2015 7:48 pm

Equatorial Guinea has the top level domain of .GQ
The IANA record for .GQ is at https://www.iana.org/domains/root/db/gq.html
Sponsoring Organisation

GETESA
A.P. 494
Malabo
Equatorial Guinea
Administrative Contact

Jose Antonio Bibang Yembi
GETESA
A.P. 494
Malabo
Equatorial Guinea
Email: bibang.yembi@orange-getesa.gq
Voice: +240222268239

Registry Information

URL for registration services: http://www.dominio.gq
WHOIS Server: whois.dominio.gq


Recent examples of suspicious domain names found on the same hosting IP addresses as fake pharmacies:
    hbqfnpvhekhxwal.gq
    hzmfouxjgjs.gq
    jziipcwsxqjepjsvueok.gq
    lcavydwmvepwrsjnr.gq
    lnchmoiarmilwzbtbd.gq
    svdjgfkcenyrjdhfuzo.gq
    efpkbwsnmxxceo.gq
    google-analitics.gq
    irvvtsvwantcsfjpwsr.gq
    rqatacwehxjgwovg.gq
    spvzwyliblcbgt.gq
    vrlqlokqzbhyqiswfm.gq
IP addresses where they once resolved include these two at rackplace.de
193.242.211.176
193.242.211.177

However, they do no currently resolve to any IP address, and do not appear to be registered at dominio.gq
eg http://my.freenom.com/domains.php?a=availability&domain=hzmfouxjgjs.gq

That is puzzling, and implies that these domain names are being advertised, and caught in passive DNS servers, when they either have not been registered, or have been completely removed.
User avatar
Red Dwarf
You are kiillllling-a my bizinisss!
 
Posts: 10448
Joined: Tue Jun 27, 2006 2:01 am

New TLD .GQ Equatorial Guinea, .CF, .TK, .ML

Postby Red Dwarf » Tue Oct 20, 2015 8:02 pm

The same situation occurs with Central Africa Republic .CF with these examples
    aopoklerd3.cf
    atlantabay.cf
    dioynbcqmx.cf
    dynmralsxsvff.cf
    kxiphsuujbnsmtgnm.cf

IP addresses previously used were

89.46.100.25 in Romania
193.242.211.177 in Frankfurt
User avatar
Red Dwarf
You are kiillllling-a my bizinisss!
 
Posts: 10448
Joined: Tue Jun 27, 2006 2:01 am

New TLD .GQ Equatorial Guinea, .CF, .TK, .ML

Postby Red Dwarf » Tue Oct 20, 2015 8:07 pm

Identical situation with Mali TLD .ML

Examples
    andmvzhfvy.ml
    kbbynifvvbfaj.ml
    lgijnqfhofwzkgzmjmie.ml
    qlgjmxekkirdym.ml
    zlphufkqxhghmwre.ml
    zorqjkhegefqnqow.ml

These were detected on 193.242.211.177
User avatar
Red Dwarf
You are kiillllling-a my bizinisss!
 
Posts: 10448
Joined: Tue Jun 27, 2006 2:01 am

New TLD .GQ Equatorial Guinea, .CF, .TK, .ML

Postby Red Dwarf » Tue Oct 20, 2015 8:17 pm

Another is Tokelau, in the South Pacific, .TK

    ajpgqpuaryhpvglxy.tk
    antilopa.tk
    aopoklerd3.tkk
    jjlyicyzit.tk
    kagbugkflypcaifj.tk
    mniyythrb.tk
    ptlvnzrodepp.tk
    smartvom.tk
    vcujymimmly.tk
    ykdnzrovywungigjrnnk.tk

Also temporarily located on 193.242.211.177
User avatar
Red Dwarf
You are kiillllling-a my bizinisss!
 
Posts: 10448
Joined: Tue Jun 27, 2006 2:01 am

New TLD .GQ Equatorial Guinea, .CF, .TK, .ML

Postby Red Dwarf » Tue Oct 20, 2015 8:19 pm

Another is Gabon on TLD .GA

    gsfhysgwimggfkrqy.ga
    ohzauchhrqhi.ga
    pdvneunxsousgaf.ga
    fsefatqadjrkyaijh.ga
    ikqugbgjpydjiig.ga
    omhghmwjfielvanjuz.ga
    ynammnnylbn.ga

Same IP address 193.242.211.177
User avatar
Red Dwarf
You are kiillllling-a my bizinisss!
 
Posts: 10448
Joined: Tue Jun 27, 2006 2:01 am


Return to Fight Spammers

Who is online

Users browsing this forum: Baidu [Spider] and 1 guest

cron