Received: from s5.megojom.ru (212.41.5.162 [212.41.5.162])
Date: Fri, 10 Dec 2021 12:1x:xx +0000
From: Aleksandr <info@s5.megojom.ru>
Subject: Предложение
212.41.5.162 megojom.ru
212.41.5.163 tefalongo.ru
212.41.5.164 eseneno.ru
212.41.5.165 derwerer.ru
212.41.5.166 grehemon.ru
RedLineStealer botnet controller @145.239.32.179
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 145.239.32.179 on port 27763 TCP:
$ telnet 145.239.32.179 27763
Trying 145.239.32.179…
Connected to 145.239.32.179.
Escape character…
OskiStealer botnet controller @172.67.131.21
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. OskiStealer botnet controller located at 172.67.131.21 on port 80 (using HTTP POST):
hXXp://hp-tv.tk/6.jpg
$ dig +short hp-tv.tk
172.67.131.21
Other malicious domain names hosted on this IP address:…
Malware botnet controller @31.184.249.178
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 31.184.249.178 on port 443:
$ telnet 31.184.249.178 443
Trying 31.184.249.178…
Connected to 31.184.249.178.
Escape character is…
phishing server
137.184.157.131|d1-citi-secure-account.com|2021-12-09 23:29:56 137.184.157.131|d2-citi-secure-account.com|2021-12-09 23:40:51
Malware botnet controller @45.8.127.157
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 45.8.127.157 on port 443:
$ telnet 45.8.127.157 443
Trying 45.8.127.157…
Connected to 45.8.127.157.
Escape character is…
phishing server
OskiStealer botnet controller @104.21.3.183
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. OskiStealer botnet controller located at 104.21.3.183 on port 80 (using HTTP POST):
hXXp://hp-tv.tk/6.jpg
$ dig +short hp-tv.tk
104.21.3.183
Other malicious domain names hosted on this IP address:…
spam emitters
Received: from s2.megojom.ru (megojom.ru [82.202.199.34])
Date: Thu, 9 Dec 2021 09:3x:xx +0000
From: Aleksandr <info@s2.megojom.ru>
Subject: Предложение
82.202.199.34 megojom.ru
82.202.199.35 tefalongo.ru
82.202.199.36 eseneno.ru
82.202.199.37 grehemon.ru
82.202.199.38 derwerer.ru
Spamvertised website
2021-12-09 nadisdh.com. 60 IN A 212.109.199.195
2021-12-08 nadisdh.com. 60 IN A 212.109.199.174
Received: from eaquegmhjm.cloudfront.net (20.68.129.110)
From: Collagen, Collagen, <noreply@info.dnb.no>
Subject: 𝟔 𝐠𝐨𝐝𝐞 𝐠𝐫𝐮𝐧𝐧𝐞𝐫 𝐭𝐢𝐥 å 𝐭𝐚 𝐂𝐨𝐥𝐥𝐚𝐠𝐞𝐧 𝐏𝐥𝐮𝐬
Date: Mon, 06 Dec 2021 10:5x:xx +0000
http://nadisdh.com/rd/[] 188.120.247.225
https://www.explicitcrackbeams.com/[]/?sub1=10&sub2=[]&sub3=[] 209.236.123.241
http://www6.andromedanebula.com/?[] 35.186.238.101