Mirai botnet controller hosted here: $ telnet 51.89.210.140 25565 Trying 51.89.210.140… Connected to 51.89.210.140. Escape character is ‘^]’.
RedLineStealer botnet controller @62.182.159.86
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 62.182.159.86 on port 65531 TCP: $ telnet 62.182.159.86 65531 Trying 62.182.159.86… Connected to 62.182.159.86. Escape character…
Spam Redirector/Unsubscribe/Click Collection URI (OMICS)
This IP address hosts a spam redirector, click collector, and unsubscribe URI for OMICS (aka Remedy Publishers, aka Austin Publishing, etc.) OMICS runs business training webinars, and advertises those services to lists of email addresses that were scraped from public sources, purchased from a list seller, or obtained through an email appender. OMICS has a…
advance fee fraud spam source at if-liban.com
Mail server distributing advance fee fraud (‘419’) spam, probably thanks to a compromised password. mail.if-liban.com. 300 IN A 116.202.192.198 ============================================================================ Return-Path: <ketty.abboud@if-liban.com> Received: from mail.if-liban.com (HELO mail.if-liban.com) (116.202.192.198) by x (x) with (AES256-SHA encrypted) ESMTPS; Sun, 09 Jan 2022 xx:xx:xx +0000 Received: from mail.if-liban.com (localhost.localdomain [127.0.0.1]) by mail.if-liban.com (Postfix) with ESMTP id x for <x>;…
Smoke Loader botnet controller @172.67.171.107
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Smoke Loader botnet controller located at 172.67.171.107 on port 80 (using HTTP POST): http://greenco2020.top/ http://greenco2021.top/ http://greenco2022.top/ $ dig +short greenco2020.top 172.67.171.107 Referencing malware binaries (MD5 hash): 050e0604ba92f40f9f058a80db861c48…
Mirai botnet controller @51.75.166.195
Mirai botnet controller hosted here: $ telnet 51.75.166.195 23 Trying 51.75.166.195… Connected to 51.75.166.195. Escape character is ‘^]’.
stolen domains / spam host
alobayya.com has address 193.3.19.52 bodypoetrystudio.com has address 193.3.19.52 conservationsouthdakota.net has address 193.3.19.52 huetcapital.net has address 193.3.19.52 mazar.net has address 193.3.19.52 northhavenpost.com has address 193.3.19.52 norwexpc.com has address 193.3.19.52 sellfone.ie has address 193.3.19.52 taralon.com has address 193.3.19.52 vitdoc.com has address 193.3.19.52 www.conservationsouthdakota.net has address 193.3.19.52 www.northhavenpost.com has address 193.3.19.52
Malware botnet controller @194.87.185.80
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 194.87.185.80 on port 443: $ telnet 194.87.185.80 443 Trying 194.87.185.80… Connected to 194.87.185.80. Escape character is ‘^]’ pywolwnvd.biz. 600 IN A 194.87.185.80…
phishing server
34.106.12.207|wells-securec03.com|2022-01-07 22:06:15 34.106.12.207|wells-securec1.com|2022-01-07 20:06:32 34.106.12.207|wells-securec2.com|2022-01-07 21:56:11 34.106.12.207|wells-securec4.com|2022-01-07 22:16:21