Scam Detective
Domain

jbvimqgyzoxfcue.cloudflair.za.com

First seen Feb 24, 2026

Suspicious
  • No SSL certificate
  • 1 community report from users

Campaign Intelligence

This cluster centers on 2382 connected domains tagged as PureHVNC, elf, sh. 572 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. The connected infrastructure includes 969 phone numbers (8772427372, 1319641540, 1319641221) with 557 FTC complaints; 690 email addresses (kellymoore_64@yahoo.com, schantzsybg7@aol.com, online.motors@consultant.com). Across all linked entities, consumers have filed 2228 complaints with federal agencies. Geog...

Part of: Dropped call or no message Robocall Campaign3/17/2026

This cluster centers on 2396 connected domains tagged as 156-233-71-230, Quakbot, lnk. 586 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. The connected infrastructure includes 969 phone numbers (8772427372, 1319641540, 1319641221) with 565 FTC complaints; 690 email addresses (kellymoore_64@yahoo.com, schantzsybg7@aol.com, online.motors@consultant.com). Across all linked entities, consumers have filed 2237 complaints with federal agen...

Part of: Lotteries, prizes & sweepstakes Robocall Campaign3/18/2026

This cluster centers on 1895 connected domains tagged as BeaverTail, RedLineStealer, password: 2026. 113 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. The connected infrastructure includes 934 phone numbers (8772427372, 1319641540, 1319641221) with 524 FTC complaints; 683 email addresses (kellymoore_64@yahoo.com, schantzsybg7@aol.com, online.motors@consultant.com). Across all linked entities, consumers have filed 2093 complaints wit...

Part of: Medical & prescriptions Robocall Campaign2/26/2026

This cluster centers on 2416 connected domains tagged as BABADEDA, WallStealer, meterpreter. 607 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. The connected infrastructure includes 969 phone numbers (5086371451, 9366439335, 1842506726) with 570 FTC complaints; 690 email addresses (kellymoore_64@yahoo.com, schantzsybg7@aol.com, online.motors@consultant.com). Across all linked entities, consumers have filed 2243 complaints with federa...

Part of: Lotteries, prizes & sweepstakes Robocall Campaign3/19/2026

This cluster centers on 3287 connected domains tagged as HijackLoader, RemcosRAT, screenconnect. 617 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. The connected infrastructure includes 1649 phone numbers (5408463620, 8552597377, 8007873903) with 7110 FTC complaints; 143 companies (Informative LLC, HomePlus Corporation, Doral Capital Corporation) with 8547081 CFPB complaints; 807 email addresses (kellymoore_64@yahoo.com, schantzsybg7@...

Part of: Dropped call or no message Robocall Campaign3/21/2026

Details

First Seen
2/24/2026

Related Domains

No known connections to other entities yet.

Community Reports

Email showing as sent FROM my address, but I never sent it - what the hell? So I got this weird situation and I'm kinda freaking out. Got an email in my inbox that shows: * (From): \[[newsletter@jbvimqgyzoxfcue.cloudflair.za.com](mailto:newsletter@jbvimqgyzoxfcue.cloudflair.za.com)\] * (sent from): Trusted Sender "my-email"@gmail.com * (To): \[[me@aol.com](mailto:me@aol.com)\] The thing is... that's MY email address in the "sent from" field. But I swear on my life I never sent this email. Like, I'm 100% sure. I checked my sent folder... nothing there. No record of sending anything to this aol address. My account security looks fine, no weird connected devices or strange login attempts or anything suspicious. How is this even possible without me actually sending it? Is this some kind of email spoofing thing? Can someone make it look like an email came from my address without actually accessing my account? Or am I missing something obvious here? Sure the e-mail landed into my spam folder, but this is still really concerning to me! Here is a list of what I can see from Gmail: \- From: \[[newsletter@jbvimqgyzoxfcue.cloudflair.za.com](mailto:newsletter@jbvimqgyzoxfcue.cloudflair.za.com)\] \- Sent by: Trusted Sender ("my-email") \- To: \[[me@aol.com](mailto:me@aol.com)\] Technical Details: \- Mailing list: xt.local \- Security: Standard encryption (TLS) \- Sender domain: \[dsddqhdfdodsyfd.cloudflair.za.com\] \- Signed by: \[JbVimqgyzOXfCUE.cloudflair.za.com\]

294 days ago5 upvotes

Share Your Experience

What's Your Exposure?

Know your risk exposure to this message with a Thorough Analysis. It returns a detailed report covering the complaint history, your data breach exposure, related scam entities, and risk signals tied to this email message. Check the box and enter your email address now.

NordProtect Identity theft monitoring and recovery

NordProtect watches for your personal info on the dark web, monitors your credit, and covers up to $1M in identity theft insurance.

Get NordProtectAffiliate link. We may earn a commission.