unlocksecured.com 2021-12-28 21:52:47
accountunlock.info 2021-12-28 16:35:06
accountunlock.info has address 150.136.153.24
unlocksecured.com has address 150.136.153.24
GCleaner botnet controller @188.40.15.9
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.
GCleaner botnet controller located at 188.40.15.9 on port 80 (using HTTP GET):
hXXp://favartif.top/getFile.php
Referencing malware binaries (MD5 hash):
a12b8d3cd6f1fee82d85eb2b6ecc4d72 — AV detection: 39 / 68 (57.35)
a361d0ab7facb9cb9d4f4508c45e7514…
Malware botnet controller @80.249.149.129
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.
Malware botnet controller located at 80.249.149.129 on port 443:
$ telnet 80.249.149.129 443
Trying 80.249.149.129...
Connected to 80.249.149.129.
Escape character is '^]'
Malicious domains observed at this…
GCleaner botnet controller @51.38.95.22
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.
GCleaner botnet controller located at 51.38.95.22 on port 80 (using HTTP GET):
hXXp://favartif.top/getFile.php
Referencing malware binaries (MD5 hash):
a12b8d3cd6f1fee82d85eb2b6ecc4d72 — AV detection: 39 / 68 (57.35)
a361d0ab7facb9cb9d4f4508c45e7514…
phishing server
20.120.6.193|auth-19citi.com|2021-12-27 17:01:12
20.120.6.193|citi-b17auth.com|2021-12-28 01:41:04
20.120.6.193|citi-b22auth.com|2021-12-28 01:34:25
20.120.6.193|secure-09citi.com|2021-12-28 16:07:37
20.120.6.193|wells-13auth.com|2021-12-28 10:01:09
Gafgyt botnet controller @54.37.79.0
Gafgyt botnet controller hosted here:
$ telnet 54.37.79.0 666
Trying 54.37.79.0...
Connected to 54.37.79.0.
Escape character is '^]'.
Spamvertised website
Received: from quaehdbsf.newdom.com (20.123.64.64)
From: [] 🧡🧡 <>
Subject: FWD: Aktiv og større penis. Vær klar til å ha det gøy når du bare vil…. ✔️✔️🍆
Date: Tue, 28 Dec 2021 12:0x:xx +0000
http://gotogml.com/rd/[]
gotogml.com. 60 IN A 212.109.219.172
Mirai botnet controller @207.154.205.223
Mirai botnet controller hosted here:
$ telnet 207.154.205.223 25565
Trying 207.154.205.223...
Connected to 207.154.205.223.
Escape character is '^]'.
Phish spam source @167.71.209.143
Received: from [167.71.209.143] (helo=mta0.usdrecycling.com)
From: [] <qi@gzfoison.com>
Subject: [] 帐户验证
Date: 28 Dec 2021 05:0x:xx +0000
https://priceless-hypatia.137-184-60-175.plesk.page/ucc/china-mail/?email=[]
priceless-hypatia.137-184-60-175.plesk.page. 3600 IN A 137.184.60.175
phishing server
137.184.87.58|mobile-navyfederal.com|2021-12-28 06:21:05