DCRat botnet controller @83.220.170.182

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

DCRat botnet controller located at 83.220.170.182 on port 80 (using HTTP GET):
hXXp://83.220.170.182/poolcore/loggame/record/system/prod/cutlocalframe/systemframegameframe/pluginlog/searchersystemanti/limitWarbin/scriptCambootframe/geoApiLinuxflower.php

$ nslookup 83.220.170.182
detasyt.fvds.ru

Referencing malware binaries (MD5 hash):
094530622888dbbc9f0aa7312af93208 - AV detection: 44…

Published
Filed under ispserver.com

Malware botnet controller @104.21.63.77

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 104.21.63.77 on port 80 (using HTTP GET):
hXXp://humnkd.xyz/cookie/useStatistics/count

$ dig +short humnkd.xyz
104.21.63.77

Referencing malware binaries (MD5 hash):
4ffef2e35594eb44fcf1e4c222ec5341 - AV detection:…

IRS phishing server


Published
Filed under microsoft.com

Chinese counterfeit spam nameserver - zdkok.com

Nameserver set up by Chinese counterfeit spammers.

tailong-hk.com. 14400 IN NS 999.zdkok.com.
tailong-hk.com. 14400 IN NS 888.zdkok.com.
999.zdkok.com. 172799 IN A 15.223.109.236
888.zdkok.com. 172799 IN A 15.223.109.236
2.tailong-hk.com. 14400 IN A 199.19.95.17
www.zdkok.com. 300 IN A 104.21.76.13
www.zdkok.com. 300 IN A 172.67.185.12
zdkok.com. 172800 IN NS adam.ns.cloudflare.com.
zdkok.com. 172800 IN NS gabriella.ns.cloudflare.com.
ec2-15-223-109-236.ca-central-1.compute.amazonaws.com. 604800 IN…

Published
Filed under amazon.com

AsyncRAT botnet controller @20.108.44.45

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 20.108.44.45 on port 3152 TCP:

$ telnet 20.108.44.45 3152
Trying 20.108.44.45…
Connected to 20.108.44.45.
Escape character…

Published
Filed under microsoft.com

DCRat botnet controller @3.22.30.40

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 3.22.30.40 on port 16416 TCP:

$ telnet 3.22.30.40 16416
Trying 3.22.30.40…
Connected to 3.22.30.40.
Escape character…

Published
Filed under amazon.com

phishing server

140.238.126.215|help-navyfederal.ml|2021-12-30 00:46:11
140.238.126.215|navyfederal-help.ml|2021-12-30 04:40:54
140.238.126.215|tracking-postl.ga|2021-12-29 23:06:25
140.238.126.215|tracking-uspspostals.ga|2021-12-29 13:32:00
140.238.126.215|usps-trackingpostl.gq|2021-12-29 13:56:27

Published
Filed under oracle.com

phishing server

147.182.214.185|citiesonlinebank.com|2021-12-29 23:50:55
147.182.214.185|localsupportcitibank724.info|2021-12-29 20:50:56

spam source

135.148.149.159 vps-cb7b666f.vps.ovh.us "8lj4v2b.com"
2021-12-27T18:00:00Z (+/-10 min)
135.148.149.159/32 (135.148.149.159 .. 135.148.149.159)

== Sample ==========================
From: "Chuachan" <hhfoyou43@gmail.com>
Subject: my future investment proposed in your country
To: .*
Content-Type: text/plain; charset=us-ascii
Reply-To: "Chuachan" <hhfoyou43@gmail.com>, hhfoyou43@gmail.com
Date: .*
X-Priority: 3

Hi, I just got your contact today during a research about your country and I will say that…

Published
Filed under ovh.net