They say you always meet twice in life. For 🇨🇼 Curaçao-based King's Cross N.V., this is certainly true, albeit unexpected: Previously surfacing in conjunction with criminal activity in the gambling sector, according to online reporting, a domain associated with it, wirelesscuracao[.]com, was re-registered on February 1.
Two weeks later, on February 15, King's Cross' previously dormant AS26173 entered life again, announcing 143.222.0.0/16 and 160.65.0.0/16, two hijacked networks belonging to 🇺🇸 Cummins Engine Company and Indepth Data Inc., respectively. We assess AS26173, allocated to King's Cross N.V. in 2002, has been hijacked as well.🕵️
Its current uplink is a familiar name, seen in conjunction with bulletproof hosting and IP hijacking before: 🇩🇪 Pfcloud UG (AS51396) - You always meet twice in life, indeed.
Corporate register data suggest the legitimate owners of 160.65.0.0/16 and 143.222.0.0/16 seem still active. We ask them to investigate, and secure their networks.
#Cybercrime #OSINT #BulletproofHosting
Is anybody using Cloudflare Business for his/her website here?
Please share the URL, thanks!
I am searching for an account to add it to my "Netzbremse" Monitoring (throttling Telekom <> Cloudflare).
#cloudflare
@pfcloudio @ClashPlayer_ @spamhaus A single report might not be reliable, all the reports together are. Trying to poke around in the wrong places without consent _is_ abuse.
Thank you @spamhaus for ignoring our emails and requests for over a month and closing our tickets without giving us any helpful response, wrongly listing subnets, and yet having time to pressure our partners to stop working with us because of your unreasonable listings. 1/6
@ClashPlayer_ @spamhaus Abuseipdb is not a reliable source for abuse reports. Not only can anyone create an account and post what they want, most of the reports I was able to see are for port 80... Accessing a webserver is not abuse.
@Gi7w0rm @spamhaus @neterranet Check the URLHaus feed please. Every single IP is offline/terminated and it's also displayed as "offline" on URLHaus.
From what I can see on Greynoise, most of the IPs are Tor Nodes. The site will also not display more information without payment.
@spamhaus @neterranet We urge @spamhaus to engage in transparent communication and resolve these issues fairly, instead of damaging our business and reputation without justification. 6/6
@spamhaus @neterranet At this point we are wondering if they are just considering any domain pointing to our infrastructure as malicious, as their reports also contained our nameservers ns1 and ns2.pfcloud.io. We are not alone with such issues. 5/6
@LemonHaze420_ What is the point of your post then? Obviously we will take down any malware that is reported properly (via URLHaus or email), it looks like you are just trying to display us in a bad light.
@pfcloudio They take time to submit, you should know that. But they are 100% reported. And there are also numerous reports your company is conveniently ignoring which were sent over a week ago via email.
The listings will appear on URLhaus today.
@banthisguy9349 There is no connection between the domain you mentioned and the IP 193.35.18.142. The domain used this IP previously, which is no longer the case.
@pfcloudio can you please clarify who owns panel.aggro[.]email? :). because whoever owns it is responsible for having a botnet including malicious malware.
urlscan.io/result/dabf5e0…
suspicious files found on hxxp://2.58.95.108/ that previously had a coinminer active urlhaus.abuse.ch/url/2856845/
download in safe environment
hxxp://2.58.95.108/ a.out
hxxp://2.58.95.108/ client
Who can determine the purpose of these two files?
🎉 OVHcloud's network has just expanded to Vienna, joining BIX IX !
Enjoying faster, more reliable services and a healthy dose of schnitzel-fueled connections 🇦🇹