Hosting.Black — Страница 114 — Полный архив спамхауса, просто так, чтобы было для Истории рынка | hostsuki.link | добавить мониторинг если нету категории/компании, напишите на hosting-black@hosting.wtf

Spamvertised website

Received: from 23.236.207.89 (EHLO baumzf.shared.fl00r1ngreplacementqu0te.design) X-Originating-Ip: [185.194.84.31] From: Eterna light <nieuwsbrief@e.debexybijenkorf.nl> Subject: keep your lights on during a blackout Date: Wed, 12 Jan 2022 08:3x:xx +0000 http://lightspeedage.com/[] 195.154.54.145 http://163.172.192.31/tr.php?[] 163.172.192.31 http://instrumentfresh.com/[] 104.227.171.149 https://www.l4n2fytrk.com/[]/?uid=364&sub1=200612&sub2=[]&sub3=[] 35.244.245.136 https://eternalight.originaldefense.com/blog/c?affID=304&C1=200612&C2=[]&C3=[]&C4=&C5=&click_id=[] 172.67.160.67

Spamvertised website

Abused / misconfigured newsletter service (listbombing)

The host at this IP address is being (ab)used to «listbomb» email addresses: From: Martin RAL <martinrals@outlook.com> Subject: Dear Subscriber, Turn Photos into 3D Sketch Videos (Special pricing ends tonight) Problem description ============================ Spammers signed up for the bulk email service using the victim’s email address. As a result, the victim is being «listbombed» with… Читать далее Abused / misconfigured newsletter service (listbombing)

Malware botnet controller @194.87.185.128

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 194.87.185.128 on port 443: $ telnet 194.87.185.128 443 Trying 194.87.185.128… Connected to 194.87.185.128. Escape character is… Читать далее Malware botnet controller @194.87.185.128

phishing server

159.223.122.197|secure01a-chase-online-support.co|2022-01-10 00:24:03 159.223.122.197|secure01b-chase-online-support.co|2022-01-09 23:14:59 159.223.122.197|secure01b-chase-secure-profile.co|2022-01-12 23:30:59 159.223.122.197|secure04b-chase-secure-profile.co|2022-01-12 23:31:12

spam source

206.81.27.254 env.weazup.com «env.env.weazup.com» 2022-01-08T23:10:00Z (+/-10 min) 206.81.27.254/32 (206.81.27.254 .. 206.81.27.254) == Sample ========================== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; s=dkim; d=env.weazup.com; h=Message-ID:Date:Subject:From:Reply-To:To:MIME-Version:Content-Type:List-Unsubscribe:List-Id; i=newsletter@env.weazup.com; bh=.*=; b=.*O.*n.*T.*U.*b.*Cx.* .*h.*L.*7.*T.*d2.*U.* .*Q.*g.*= DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=dkim; d=env.weazup.com; b=.*v.*g.*t.*K.*aB.*S.*k.*f.*B.* A.*e.*w.*w.*=; Received: from mail.weazup.com (192.241.136.36) by env.env.weazup.com id hr8.*0001g.* for <.*>; .* (envelope-from <newsletter-.*=.*@env.weazup.com>) Return-Path: <newsletter@env.weazup.com> Message-ID: <.*6.*2.*a.*0a.*8.*6.*@env.weazup.com> Date: .* Subject: Get Your… Читать далее spam source

spam source

[!] This SBL record is to show an example of ongoing network abuse. It currently is not being published in the SBL list, but is instead being presented on the webpage so that the network owner has evidence to investigate and correct the problem. 54.240.68.183 a68-183.smtp-out.amazonses.com «a68-183.smtp-out.amazonses.com» 2022-01-11T16:20:00Z (+/-10 min) 54.240.68.187 a68-187.smtp-out.amazonses.com «a68-187.smtp-out.amazonses.com» 2022-01-11T16:40:00Z (+/-10… Читать далее spam source

Spamvertised website

Spamvertised website

Abused / misconfigured newsletter service (listbombing)

Malware botnet controller @194.87.185.128

phishing server

spam source

spam source

spam source

Malware distribution @147.135.126.103

Forged HELO.