IP 159.223.32.136 is known to be associated with spam/phishing attempts. got blackmail $666 更新3/19/2026
2026/03/16 16:25
瀏覽17
迴響0
推薦0
引用0
on 3/3/2026 received 2 same fraud and black emails for us$600, $666 and 3/13 received again, as below: Received: from 159.223.32.136 (EHLO fortune-daily.com) by 10.220.167.226 with SMTP; Fri, 13 Mar 2026 04:49:47 +0000
from [my email address] to [my email address]
Date: Fri, 13 Mar 2026 04:49:46 +0000
Youre a thought that is boundless.
Ok. I dont have much time, so lets get straight to the point.
I want to make you an offer that you can refuse, but only once.
Heres what I have:
Your complete personal information: full name, date of birth, home address.
Your social security number and drivers license details.
All your email account login credentials, including this account.
Other login details and your private messages.
A multitude of files found on your devices.
Access to your bank accounts.
The details of your credit cards: number, expiry date, and cvv.
I have compiled this entire package into a single folder. I can and intend to do two things with it. It is up to you to decide which one:
I will send this entire package to darknet markets, where other criminals will buy it.
It is unknown how they will use this information. They may purchase something illegal in your name, or they may not, but you will definitely not like it.
Or you can buy it from me for a small fee of 600 usd.
Changing the entire package of documents and data is very expensive, very time-consuming, and unsafe.
I already know that you have just read this text. Do not try to ignore this.
I only accept payment in bitcoins at the exchange rate at the time of transfer.
Transfer money here: 141sJr3369J5PGDMMd6jBja8XZ1oN45g37
After payment, I will delete the folder containing your data, and you can continue living as before or, if you dont trust me, take your time changing all your data. Its more profitable for me if you pay me. Its easier and better for everyone.
This is a unique offer. Take advantage of it. I will wait for 1 day.
on 3/3/2026 Google searched [how to block 159.223.32.136] so i did
Open Windows Defender Firewall with Advanced Security.
Click Inbound Rules > New Rule.
Choose Custom > All programs.
Under scope, in "Which remote IP addresses does this rule apply to", select These IP addresses and click Add.
Type in 159.223.32.136.
Select Block the connection and apply the rule to all profiles (Domain, Private, Public).
until today cant but searched [Windows Firewall blocked 159.223.32.136, why still received fraud email sent from 159.223.32.136 (EHLO fortune-daily.com) ?] Receiving a fraud email from a blocked IP address like
159.223.32.136 even after blocking it in Windows Firewall is expected because Windows Firewall only controls traffic directly entering or leaving your computer, not the traffic passing through your Internet Service Provider (ISP) or email server, say security analysts.
Here is why this occurs and how to handle it:
Email Bypasses Local Firewall:
When someone sends you an email, it goes from their server to your
email provider (e.g., Gmail, Outlook, Yahoo) and then to your device.
Windows Firewall cannot block emails at your providers server level.
IP Blocking Limitations:
Blocking an IP in Windows Firewall prevents that machine from making a
direct connection (like a web visit or remote desktop connection) to
your computer. However, it does not prevent them from sending you an
email that your email provider’s security checks failed to catch,
explains a cybersecurity expert.
Spoofing & Scam Tactics: The email likely used fortune-daily.com
to make the phishing attempt look legitimate. Fraudsters frequently use
similar IP addresses and fake sender names to trick users into clicking
malicious links or calling fake support numbers.
Recommended Actions:
Do Not Interact: Do not click links or reply to the email.
Mark as Spam/Phishing:
Use your email clients "Report Phishing" or "Mark as Spam" feature.
This updates your email provider’s filters to block future messages.
Run a Full System Scan: Use Windows Defender or a tool like Malwarebytes to ensure no malicious code was installed.
The IP 159.223.32.136 is known to be associated with spam/phishing attempts.
--obviously my email provider cant stop it any more, the received date on 3/12/2026.
searched [can i block me (my email address) sent to (my email address) ?] (last time i also searched and the answear was NO) Yes, you can block your own email address from appearing in your inbox, though you cannot stop a scammer from trying to send them. These messages are almost always spoofing, where spammers fake the "From" address to look like it came from you. Here are the best ways to handle this in your email client:
1. Create a Filter/Rule (Recommended)
This is the most effective way to prevent these emails from reaching your inbox.
Gmail:
Open Gmail in a browser.
In the search box, click the Show search options icon (three horizontal lines).
In the From field, enter your email address.
Click Create filter.
Check Delete it (or "Skip the Inbox (Archive it)" if you want to keep them).
Click Create filter.
Outlook: Create a rule that moves emails from your own address to the Junk Email folder, or deletes them entirely.
-- added fraud-me begins with my-email (without @xxx.yyy), wait to see whether it works. i also added news contains news but didnt stop receiveing newsletterxxxx@yyy.zzz so added newsletter begins with newsletter but still receive newsletterxxxx@yyy.zzz . am i mistake about the filter rules?
searched [can i block 159.223.32.136 ?](daily received newsletterxxx@yyy.zzz from 159.223.32.136 (EHLO mail386.institut-aob.com) )The IP 159.223.32.136 appears to be hosted on DigitalOcean, a popular cloud provider, and is frequently flagged in threat intelligence lists.
Open Command Prompt as Administrator.
Run the following command:
netsh advfirewall firewall add rule name="Block 159.223.32.136" dir=in action=block remoteip=159.223.32.136
To block outgoing traffic as well, run it again with dir=out.
[what is mail386.institut-aob.com ?] Based on typical phishing patterns, mail386.institut-aob.com appears to be a fraudulent subdomain used in phishing or scam email campaigns. It is likely designed to look like a legitimate entity—possibly imitating financial services (like AIB) or an educational/professional institution (like an "AOB" board) to steal
private information.
-----------Update 3/16/2026
3/16/2026 it did reduce fraud emails. in email account , settings , filters add filter name :uk (and eu , us) contains : .uk. (.eu. , .us. ) move to shelia that folders add folder name shelia that many frauds came from .uk., .eu., .us. such as [newsletter@djznmthfbjlvwg.celebrities.uk.com]
Open Windows Defender Firewall with Advanced Security.
Click Inbound Rules > New Rule.
Choose Custom > All programs. PS click Next, right panel select scope
Under scope, in "Which remote IP addresses does this rule apply to", select These IP addresses and click Add.
Type in 159.223.32.136. PS click ok , continue add 40.93.20.53 , 74.125.224.73 , 74.125.224.73 , 209.85.222.202 , 45.134.12.86 , 163.172.130.67 then click Next
Select Block the connection and apply the rule to all profiles (Domain, Private, Public). PS click Next
type Name : fraud-emails and Description i typed as:
159.223.32.136 数据中心 新加坡 Digitalocean, LLC (digitalocean.com) score 46
40.93.20.53 滥用IP 数据中心 云厂商 Microsoft Corporation (microsoft.com) score 35
74.125.224.73 滥用IP 数据中心 美国 Google LLC (google.com) Microsoft Corporation (microsoft.com) score 44
09.85.222.202 滥用IP 数据中心 美国 Google LLC (google.com) score 43
45.134.12.86 数据中心 法国 FIRST SERVER LIMITED (first-server.net) score 57
163.172.130.67 数据中心 法国 Scaleway (scaleway.com) score 50 sent newsletter
the above informations got from IP地址信息查询 website
...............update 3/18/2026
3/18/2026 received fraud emails by right click [each sender] select [view raw message, (to find0 Received: from xxx.xx.xxx.xxx) as :
51.15.137.169 (EHLO mail407.institut-aob.com) score 52 minor Warring
数据中心 法国 AS12876 Scaleway (scaleway.com) sent many health related 17 junk emails. suspect either hacker target at scaleway.com or the company got client as An-li type -- mice company
51.15.204.8 (EHLO mail331.institut-aob.com) score 60
51.15.204.8 (EHLO mail331.institut-aob.com)
51.15.222.109 (EHLO mail332.institut-aob.com) score 63
51.15.230.18 (EHLO mail371.institut-aob.com) score 52 minor Warring
51.15.230.18 (EHLO mail371.institut-aob.com)
163.172.180.198 (EHLO mail268.institut-aob.com) score 56 minor Warring
163.172.178.165 (EHLO mail409.institut-aob.com) score 58 minor Warring
163.172.178.165 (EHLO mail409.institut-aob.com)
163.172.176.9 (EHLO mail267.institut-aob.com) score 47 Warring
163.172.174.139 (EHLO mail282.institut-aob.com) score 48 Warring
163.172.160.40 (EHLO mail373.institut-aob.com) score 44 Warring
163.172.159.107 (EHLO mail374.institut-aob.com) score 56 minor Warring
163.172.151.16 (EHLO mail450.institut-aob.com) score 57 minor warning
163.172.151.123 (EHLO mail284.institut-aob.com) score 57 minor Warring 数据中心 VPN
163.172.136.58 (EHLO mail335.institut-aob.com) score 44 Warring
209.85.222.201 (EHLO mail-qk1-f201.google.com) score 43 Warring 滥用IP 数据中心 AS15169 Google LLC (https://about.google/intl/en/)
ps i must expose hoping those companies kick off their users who sent many fraud emails to victims in or would block their IP addresses permanently.
same as master cant control it stink dogs but force the whole world pay what they issue bloody wars.
.........update 3/19/2026
add to fraud-emails : 51.15.211.26 (EHLO mail446.institut-aob.com)数据中心 score 51 , 34.125.164.74 (EHLO malna3lahadxika.ml) usa AS396982 Google Cloud Platform 数据中心 云厂商 score 70 , 51.158.68.104 (EHLO mail435.institut-aob.com)数据中心 score 52 , 163.172.177.181 (EHLO mail390.institut-aob.com)数据中心 score 44 , 163.172.183.141 (EHLO mail372.institut-aob.com) 数据中心 score 58 , 163.172.183.76 (EHLO mail281.institut-aob.com)数据中心 score 48 , 163.172.189.62 (EHLO mail405.institut-aob.com) 数据中心 score 48 ,
209.85.167.199 (EHLO mail-oi1-f199.google.com) 3/19/2026 new 风险IP 滥用IP 数据中心 usa AS15169 Google LLC (google.com) score 39 *****
and found 2 fraud emails cant be blocked at all :
51.15.204.8 (EHLO mail331.institut-aob.com) 3/19/2026 **** already block but still receive fraud email
serached [why block sender and block ip address 51.15.204.8 still receive the fraud emails ?]
blocking a sender or IP address (e.g., 51.15.204.8) often fails because fraudsters use email spoofing to change display names/addresses, or they utilize to send spam from thousands of different IP addresses.
--it is very likely is botnet that earlier ip address searched showed some ipaddress marked botnet, i would verify after return from old house (leave soon) PS cant find in my bookmarks or one of IP地址信息 website cancelled(need to pay or register?), but there are others ...see below
Other reasons include :Alternative Addresses: They use slightly different variations of the email address.
IP Masking: Emails may route through intermediate servers that dont match the blocked IP.
"Never Send to Spam" Filters: Existing inbox rules might override blocklists. PS i never add the rule.
How to Fix:
Create a Rule: Instead of just "blocking," set up a specific rule to permanently delete emails containing specific keywords or from those domains. PS email provider only give 3 block domain for free.
Use Spam/Phishing Button: Mark messages as "Phishing" or "Spam" rather than just deleting them, which trains your filter.
Check Headers: Examine the "Return-Path" or "Received" header to find the true source address. PS already deleted wait for next time.
Use RBLs: If managing a server, utilize Real-Time Blacklists (RBLs) to block known spammer IP ranges, notes security.stackexchange.com
seearched [which free website can examine 51.15.204.8 is a botnet ?] Several free online services can check if the IP address
51.15.204.8 is associated with botnet activity,
GreyNoise IP Check (check.labs.greynoise.io)-- auto showed my IP Is Clean, cant type 51.15.204.8 or must register that i dont want to maintain already too many user accounts. again china people must keep in mind it is a high risk to visit any usa websites.
Criminal IP (criminalip.io) a cybersecurity search engine that provides a detailed reputation report and identifies if an IP is linked to botnets.
it showed : This is a malicious IP Address(51.15.204.8) This IP Address has critical vulnerabilities. Current Open Ports total 3 ie TCP port 22(Product OpenSSH Version 8.0) , 80(LifeSure - Life Insurance Website Template
Product Apache Version 2.4.37), 111(Product Portmap Service RPC (ie Remote Procedure Call远程过程调用). ps if receive again will find out which port the fraud sender uses.
.....
same as 163.172.174.139 (EHLO mail282.institut-aob.com) 3/19/2026 ****
Even after blocking a sender or IP address, fraud emails often continue to
arrive because scammers use multiple, rotating IP addresses, or they
spoof (fake) the sender address to disguise the emails true origin. The
blocker may be failing because the scammers are using botnets, changing
their sender domain, or because your email rules are not catching the
variations.
Here is why your blocks might be failing and how to fix it:
Why Blocked Emails Still Arrive
Spoofed Email Addresses:
The "From" address you see is likely fake. The email is actually
arriving from a different address than the one you blocked, meaning your
block rule doesnt apply to the new one.
Multiple IP/Domain Rotation:
Fraudsters often have hundreds of domains and IP addresses available.
Blocking one IP (e.g., 163.172.174.139) does nothing to stop them from
using another. PS already happened to 法国 scaleway.com
Service Provider Limits:
Standard spam filters might not be immediately updated with the
malicious IP, or they may be overwhelmed by the volume of spam,
according to this Microsoft Learn thread.
Shared Infrastructure:
Sometimes, legitimate but compromised servers (shared IPs) are used,
making it harder for automated systems to block them without affecting
legitimate traffic, notes Suped.
Steps to Take
Create Advanced Rules:
Instead of just blocking the sender address, create an Inbox rule that
moves emails to the trash based on common "keywords," "phrases," or
phishing phrases in the subject/body, says Microsoft Support.
Check "Safe Senders" List:
Ensure the sender is not mistakenly included in your safe senders list,
which overrides blocked senders, suggests Microsoft Learn.
Analyze Message Headers: Use your email providers "View message source" option to find the true originating IP address, which might be different from the one displayed in the From field, says Microsoft Learn.
Mark as Junk/Phishing: Consistently mark these emails as "Phishing" or "Junk" to train your email providers filtering algorithms, says the Federal Trade Commission
searched [how to block scaleway.com send many frau emails ? ] To block fraudulent emails originating from or appearing to come from
scaleway.com, you should use a combination of blocking rules in your email provider and, if the fraud is originating from a Scaleway account, reporting it directly to them.
Immediate Mitigation (Inbox Filtering)
Block Domain in Gmail/Outlook: Mark the emails as spam or phishing. Create a filter to permanently delete emails where the sender address contains scaleway.com or specific subdomains.
Create Rules:
Set up a rule to automatically move all emails with "Scaleway" in the
header to a junk folder, allowing you to review them without them
hitting your inbox.
Do Not Unsubscribe: Fraudulent emails often use fake "unsubscribe" links to confirm your email is active. Just delete or mark as spam.
Reporting the Fraudulent Emails
Report Abuse to Scaleway:
If the emails are phishing attempts designed to look like they come
from Scaleway, report them to Scaleways abuse team. According to their
documentation, you can manage and report abuse cases within the Scaleway
console.
Identify Spoofing:
Note that spammers often spoof the from line. If the emails are
coming from many different variations of the domain, you may need to
block the domain scaleway.com entirely rather than specific email addresses.
Technical Protection
Check Email Headers:
Analyze the email header to see if the mail actually originated from
Scaleway infrastructure or if it is just "spoofed" (pretending to be
from them).
Report to Anti-Spam Services: Use tools like Spamhaus to report malicious domains, which helps prevent future messages from reaching your inbox
PS i would continue finish the block scaleway.com after return from old house....
ps Criminal IP (criminalip.io) for 163.172.174.139 require to pay $89.08/mon(starter, $99). so gave up. in last several years most usa companies only offer one free searched. some wont charge individuals but business companies. the question is can $89.08 help victims to get out dark web? we all knew no guarantee in usa same as cant stop hackers send fraud and blackmails. MS defender cant catch nor perfmon find any wrong in my pc. whatever i suffer might be i am selected white mice as fishing to catch dark web hackers by usa government related or MS and its 3rd party app companies updating caused many data files auto disappeared made me felt hacker(or AI) control our 2 pc, 2 iphone.
-----------------------------
2. Mark as Spam/Junk
Gmail/Outlook:
Manually mark these emails as "Spam" or "Junk". This teaches your email
provider to filter similar future messages automatically.
3. Check for Actual Compromise
While usually, these are fake, it is wise to verify your account security.
Check Activities: Go to your Microsoft Account Activity page or Google Security Checkup to ensure no one else is actually using your account.
4. What Not To Do
Do not click any links inside these emails, as they are likely phishing attempts.
Do not reply to the emails.
Note:
In some scenarios, you may not be able to "block" your own address in
the traditional sense, but the filter/delete rule mentioned above serves
the same purpose.
from [my email address] to [my email address]
Date: Fri, 13 Mar 2026 04:49:46 +0000
Youre a thought that is boundless.
Ok. I dont have much time, so lets get straight to the point.
I want to make you an offer that you can refuse, but only once.
Heres what I have:
Your complete personal information: full name, date of birth, home address.
Your social security number and drivers license details.
All your email account login credentials, including this account.
Other login details and your private messages.
A multitude of files found on your devices.
Access to your bank accounts.
The details of your credit cards: number, expiry date, and cvv.
I have compiled this entire package into a single folder. I can and intend to do two things with it. It is up to you to decide which one:
I will send this entire package to darknet markets, where other criminals will buy it.
It is unknown how they will use this information. They may purchase something illegal in your name, or they may not, but you will definitely not like it.
Or you can buy it from me for a small fee of 600 usd.
Changing the entire package of documents and data is very expensive, very time-consuming, and unsafe.
I already know that you have just read this text. Do not try to ignore this.
I only accept payment in bitcoins at the exchange rate at the time of transfer.
Transfer money here: 141sJr3369J5PGDMMd6jBja8XZ1oN45g37
After payment, I will delete the folder containing your data, and you can continue living as before or, if you dont trust me, take your time changing all your data. Its more profitable for me if you pay me. Its easier and better for everyone.
This is a unique offer. Take advantage of it. I will wait for 1 day.
on 3/3/2026 Google searched [how to block 159.223.32.136] so i did
Open Windows Defender Firewall with Advanced Security.
Click Inbound Rules > New Rule.
Choose Custom > All programs.
Under scope, in "Which remote IP addresses does this rule apply to", select These IP addresses and click Add.
Type in 159.223.32.136.
Select Block the connection and apply the rule to all profiles (Domain, Private, Public).
until today cant but searched [Windows Firewall blocked 159.223.32.136, why still received fraud email sent from 159.223.32.136 (EHLO fortune-daily.com) ?] Receiving a fraud email from a blocked IP address like
159.223.32.136 even after blocking it in Windows Firewall is expected because Windows Firewall only controls traffic directly entering or leaving your computer, not the traffic passing through your Internet Service Provider (ISP) or email server, say security analysts.
Here is why this occurs and how to handle it:
Email Bypasses Local Firewall:
When someone sends you an email, it goes from their server to your
email provider (e.g., Gmail, Outlook, Yahoo) and then to your device.
Windows Firewall cannot block emails at your providers server level.
IP Blocking Limitations:
Blocking an IP in Windows Firewall prevents that machine from making a
direct connection (like a web visit or remote desktop connection) to
your computer. However, it does not prevent them from sending you an
email that your email provider’s security checks failed to catch,
explains a cybersecurity expert.
Spoofing & Scam Tactics: The email likely used fortune-daily.com
to make the phishing attempt look legitimate. Fraudsters frequently use
similar IP addresses and fake sender names to trick users into clicking
malicious links or calling fake support numbers.
Recommended Actions:
Do Not Interact: Do not click links or reply to the email.
Mark as Spam/Phishing:
Use your email clients "Report Phishing" or "Mark as Spam" feature.
This updates your email provider’s filters to block future messages.
Run a Full System Scan: Use Windows Defender or a tool like Malwarebytes to ensure no malicious code was installed.
The IP 159.223.32.136 is known to be associated with spam/phishing attempts.
--obviously my email provider cant stop it any more, the received date on 3/12/2026.
searched [can i block me (my email address) sent to (my email address) ?] (last time i also searched and the answear was NO) Yes, you can block your own email address from appearing in your inbox, though you cannot stop a scammer from trying to send them. These messages are almost always spoofing, where spammers fake the "From" address to look like it came from you. Here are the best ways to handle this in your email client:
1. Create a Filter/Rule (Recommended)
This is the most effective way to prevent these emails from reaching your inbox.
Gmail:
Open Gmail in a browser.
In the search box, click the Show search options icon (three horizontal lines).
In the From field, enter your email address.
Click Create filter.
Check Delete it (or "Skip the Inbox (Archive it)" if you want to keep them).
Click Create filter.
Outlook: Create a rule that moves emails from your own address to the Junk Email folder, or deletes them entirely.
-- added fraud-me begins with my-email (without @xxx.yyy), wait to see whether it works. i also added news contains news but didnt stop receiveing newsletterxxxx@yyy.zzz so added newsletter begins with newsletter but still receive newsletterxxxx@yyy.zzz . am i mistake about the filter rules?
searched [can i block 159.223.32.136 ?](daily received newsletterxxx@yyy.zzz from 159.223.32.136 (EHLO mail386.institut-aob.com) )The IP 159.223.32.136 appears to be hosted on DigitalOcean, a popular cloud provider, and is frequently flagged in threat intelligence lists.
Open Command Prompt as Administrator.
Run the following command:
netsh advfirewall firewall add rule name="Block 159.223.32.136" dir=in action=block remoteip=159.223.32.136
To block outgoing traffic as well, run it again with dir=out.
[what is mail386.institut-aob.com ?] Based on typical phishing patterns, mail386.institut-aob.com appears to be a fraudulent subdomain used in phishing or scam email campaigns. It is likely designed to look like a legitimate entity—possibly imitating financial services (like AIB) or an educational/professional institution (like an "AOB" board) to steal
private information.
-----------Update 3/16/2026
3/16/2026 it did reduce fraud emails. in email account , settings , filters add filter name :uk (and eu , us) contains : .uk. (.eu. , .us. ) move to shelia that folders add folder name shelia that many frauds came from .uk., .eu., .us. such as [newsletter@djznmthfbjlvwg.celebrities.uk.com]
Open Windows Defender Firewall with Advanced Security.
Click Inbound Rules > New Rule.
Choose Custom > All programs. PS click Next, right panel select scope
Under scope, in "Which remote IP addresses does this rule apply to", select These IP addresses and click Add.
Type in 159.223.32.136. PS click ok , continue add 40.93.20.53 , 74.125.224.73 , 74.125.224.73 , 209.85.222.202 , 45.134.12.86 , 163.172.130.67 then click Next
Select Block the connection and apply the rule to all profiles (Domain, Private, Public). PS click Next
type Name : fraud-emails and Description i typed as:
159.223.32.136 数据中心 新加坡 Digitalocean, LLC (digitalocean.com) score 46
40.93.20.53 滥用IP 数据中心 云厂商 Microsoft Corporation (microsoft.com) score 35
74.125.224.73 滥用IP 数据中心 美国 Google LLC (google.com) Microsoft Corporation (microsoft.com) score 44
09.85.222.202 滥用IP 数据中心 美国 Google LLC (google.com) score 43
45.134.12.86 数据中心 法国 FIRST SERVER LIMITED (first-server.net) score 57
163.172.130.67 数据中心 法国 Scaleway (scaleway.com) score 50 sent newsletter
the above informations got from IP地址信息查询 website
...............update 3/18/2026
3/18/2026 received fraud emails by right click [each sender] select [view raw message, (to find0 Received: from xxx.xx.xxx.xxx) as :
51.15.137.169 (EHLO mail407.institut-aob.com) score 52 minor Warring
数据中心 法国 AS12876 Scaleway (scaleway.com) sent many health related 17 junk emails. suspect either hacker target at scaleway.com or the company got client as An-li type -- mice company
51.15.204.8 (EHLO mail331.institut-aob.com) score 60
51.15.204.8 (EHLO mail331.institut-aob.com)
51.15.222.109 (EHLO mail332.institut-aob.com) score 63
51.15.230.18 (EHLO mail371.institut-aob.com) score 52 minor Warring
51.15.230.18 (EHLO mail371.institut-aob.com)
163.172.180.198 (EHLO mail268.institut-aob.com) score 56 minor Warring
163.172.178.165 (EHLO mail409.institut-aob.com) score 58 minor Warring
163.172.178.165 (EHLO mail409.institut-aob.com)
163.172.176.9 (EHLO mail267.institut-aob.com) score 47 Warring
163.172.174.139 (EHLO mail282.institut-aob.com) score 48 Warring
163.172.160.40 (EHLO mail373.institut-aob.com) score 44 Warring
163.172.159.107 (EHLO mail374.institut-aob.com) score 56 minor Warring
163.172.151.16 (EHLO mail450.institut-aob.com) score 57 minor warning
163.172.151.123 (EHLO mail284.institut-aob.com) score 57 minor Warring 数据中心 VPN
163.172.136.58 (EHLO mail335.institut-aob.com) score 44 Warring
209.85.222.201 (EHLO mail-qk1-f201.google.com) score 43 Warring 滥用IP 数据中心 AS15169 Google LLC (https://about.google/intl/en/)
ps i must expose hoping those companies kick off their users who sent many fraud emails to victims in or would block their IP addresses permanently.
same as master cant control it stink dogs but force the whole world pay what they issue bloody wars.
.........update 3/19/2026
add to fraud-emails : 51.15.211.26 (EHLO mail446.institut-aob.com)数据中心 score 51 , 34.125.164.74 (EHLO malna3lahadxika.ml) usa AS396982 Google Cloud Platform 数据中心 云厂商 score 70 , 51.158.68.104 (EHLO mail435.institut-aob.com)数据中心 score 52 , 163.172.177.181 (EHLO mail390.institut-aob.com)数据中心 score 44 , 163.172.183.141 (EHLO mail372.institut-aob.com) 数据中心 score 58 , 163.172.183.76 (EHLO mail281.institut-aob.com)数据中心 score 48 , 163.172.189.62 (EHLO mail405.institut-aob.com) 数据中心 score 48 ,
209.85.167.199 (EHLO mail-oi1-f199.google.com) 3/19/2026 new 风险IP 滥用IP 数据中心 usa AS15169 Google LLC (google.com) score 39 *****
and found 2 fraud emails cant be blocked at all :
51.15.204.8 (EHLO mail331.institut-aob.com) 3/19/2026 **** already block but still receive fraud email
serached [why block sender and block ip address 51.15.204.8 still receive the fraud emails ?]
blocking a sender or IP address (e.g., 51.15.204.8) often fails because fraudsters use email spoofing to change display names/addresses, or they utilize to send spam from thousands of different IP addresses.
--it is very likely is botnet that earlier ip address searched showed some ipaddress marked botnet, i would verify after return from old house (leave soon) PS cant find in my bookmarks or one of IP地址信息 website cancelled(need to pay or register?), but there are others ...see below
Other reasons include :Alternative Addresses: They use slightly different variations of the email address.
IP Masking: Emails may route through intermediate servers that dont match the blocked IP.
"Never Send to Spam" Filters: Existing inbox rules might override blocklists. PS i never add the rule.
How to Fix:
Create a Rule: Instead of just "blocking," set up a specific rule to permanently delete emails containing specific keywords or from those domains. PS email provider only give 3 block domain for free.
Use Spam/Phishing Button: Mark messages as "Phishing" or "Spam" rather than just deleting them, which trains your filter.
Check Headers: Examine the "Return-Path" or "Received" header to find the true source address. PS already deleted wait for next time.
Use RBLs: If managing a server, utilize Real-Time Blacklists (RBLs) to block known spammer IP ranges, notes security.stackexchange.com
seearched [which free website can examine 51.15.204.8 is a botnet ?] Several free online services can check if the IP address
51.15.204.8 is associated with botnet activity,
GreyNoise IP Check (check.labs.greynoise.io)-- auto showed my IP Is Clean, cant type 51.15.204.8 or must register that i dont want to maintain already too many user accounts. again china people must keep in mind it is a high risk to visit any usa websites.
Criminal IP (criminalip.io) a cybersecurity search engine that provides a detailed reputation report and identifies if an IP is linked to botnets.
it showed : This is a malicious IP Address(51.15.204.8) This IP Address has critical vulnerabilities. Current Open Ports total 3 ie TCP port 22(Product OpenSSH Version 8.0) , 80(LifeSure - Life Insurance Website Template
Product Apache Version 2.4.37), 111(Product Portmap Service RPC (ie Remote Procedure Call远程过程调用). ps if receive again will find out which port the fraud sender uses.
.....
same as 163.172.174.139 (EHLO mail282.institut-aob.com) 3/19/2026 ****
Even after blocking a sender or IP address, fraud emails often continue to
arrive because scammers use multiple, rotating IP addresses, or they
spoof (fake) the sender address to disguise the emails true origin. The
blocker may be failing because the scammers are using botnets, changing
their sender domain, or because your email rules are not catching the
variations.
Here is why your blocks might be failing and how to fix it:
Why Blocked Emails Still Arrive
Spoofed Email Addresses:
The "From" address you see is likely fake. The email is actually
arriving from a different address than the one you blocked, meaning your
block rule doesnt apply to the new one.
Multiple IP/Domain Rotation:
Fraudsters often have hundreds of domains and IP addresses available.
Blocking one IP (e.g., 163.172.174.139) does nothing to stop them from
using another. PS already happened to 法国 scaleway.com
Service Provider Limits:
Standard spam filters might not be immediately updated with the
malicious IP, or they may be overwhelmed by the volume of spam,
according to this Microsoft Learn thread.
Shared Infrastructure:
Sometimes, legitimate but compromised servers (shared IPs) are used,
making it harder for automated systems to block them without affecting
legitimate traffic, notes Suped.
Steps to Take
Create Advanced Rules:
Instead of just blocking the sender address, create an Inbox rule that
moves emails to the trash based on common "keywords," "phrases," or
phishing phrases in the subject/body, says Microsoft Support.
Check "Safe Senders" List:
Ensure the sender is not mistakenly included in your safe senders list,
which overrides blocked senders, suggests Microsoft Learn.
Analyze Message Headers: Use your email providers "View message source" option to find the true originating IP address, which might be different from the one displayed in the From field, says Microsoft Learn.
Mark as Junk/Phishing: Consistently mark these emails as "Phishing" or "Junk" to train your email providers filtering algorithms, says the Federal Trade Commission
searched [how to block scaleway.com send many frau emails ? ] To block fraudulent emails originating from or appearing to come from
scaleway.com, you should use a combination of blocking rules in your email provider and, if the fraud is originating from a Scaleway account, reporting it directly to them.
Immediate Mitigation (Inbox Filtering)
Block Domain in Gmail/Outlook: Mark the emails as spam or phishing. Create a filter to permanently delete emails where the sender address contains scaleway.com or specific subdomains.
Create Rules:
Set up a rule to automatically move all emails with "Scaleway" in the
header to a junk folder, allowing you to review them without them
hitting your inbox.
Do Not Unsubscribe: Fraudulent emails often use fake "unsubscribe" links to confirm your email is active. Just delete or mark as spam.
Reporting the Fraudulent Emails
Report Abuse to Scaleway:
If the emails are phishing attempts designed to look like they come
from Scaleway, report them to Scaleways abuse team. According to their
documentation, you can manage and report abuse cases within the Scaleway
console.
Identify Spoofing:
Note that spammers often spoof the from line. If the emails are
coming from many different variations of the domain, you may need to
block the domain scaleway.com entirely rather than specific email addresses.
Technical Protection
Check Email Headers:
Analyze the email header to see if the mail actually originated from
Scaleway infrastructure or if it is just "spoofed" (pretending to be
from them).
Report to Anti-Spam Services: Use tools like Spamhaus to report malicious domains, which helps prevent future messages from reaching your inbox
PS i would continue finish the block scaleway.com after return from old house....
ps Criminal IP (criminalip.io) for 163.172.174.139 require to pay $89.08/mon(starter, $99). so gave up. in last several years most usa companies only offer one free searched. some wont charge individuals but business companies. the question is can $89.08 help victims to get out dark web? we all knew no guarantee in usa same as cant stop hackers send fraud and blackmails. MS defender cant catch nor perfmon find any wrong in my pc. whatever i suffer might be i am selected white mice as fishing to catch dark web hackers by usa government related or MS and its 3rd party app companies updating caused many data files auto disappeared made me felt hacker(or AI) control our 2 pc, 2 iphone.
-----------------------------
2. Mark as Spam/Junk
Gmail/Outlook:
Manually mark these emails as "Spam" or "Junk". This teaches your email
provider to filter similar future messages automatically.
3. Check for Actual Compromise
While usually, these are fake, it is wise to verify your account security.
Check Activities: Go to your Microsoft Account Activity page or Google Security Checkup to ensure no one else is actually using your account.
4. What Not To Do
Do not click any links inside these emails, as they are likely phishing attempts.
Do not reply to the emails.
Note:
In some scenarios, you may not be able to "block" your own address in
the traditional sense, but the filter/delete rule mentioned above serves
the same purpose.
自訂分類:不分類
上一則: after restart PC many files folders auto disappeared in pined file folder but find in [windows system32 notepad.exe] ?下一則: 公安机关悬赏征集2名台湾居民违法犯罪线索--台湾居民走私惯犯简文昇、陈顺进操控“宏泰58号”等船只
你可能會有興趣的文章:
- which brand use plastic saussage, any non eatable warning ? 塑料肠衣 or 可食用合成胶原蛋白肠衣, highly suspect the label showed 天然肠衣 更新4/2/2026
- 阿房宫没被烧且是座“烂尾楼”--世界最大规模的古代夯土建筑,宋人长安志记录阿房宫只建好三面墙没有南墙2002年证实;浙江绍兴越国都城遗址;西周曾侯鼎更新3/30/2026
- 公安机关悬赏征集2名台湾居民违法犯罪线索--台湾居民走私惯犯简文昇、陈顺进操控“宏泰58号”等船只
- on 3/10/2026 very bad win11 notepad version 11.2510.14.0 updated 更新3/12 11.2512.26.0 is better
- cant watch any videos since MS 3/1/2026 updated 3/4 solved by MS tech support 更新3/7 CCTV.com videos 真正地解决 GroupPolicy-ClientTools Error: 14107
- 地下室石膏板被水浸泡 8 days better removed not replace it--very likely happen again in the future
限會員,要發表迴響,請先登入
