Received: from nesciuntkdqok.wijsetrltd.com (185.250.149.192)
Date: Wed, 08 Dec 2021 11:0x:xx +0000
From: Bitcoin Nieuws, Tillman Bitcoin <nieuws@mailing.fnv.nl>
Subject: RE: Verdien 70k in 7 Weken
http://hurryup.digital/rd/[] 104.168.242.98
https://importantloading.com/[] 195.133.83.234
https://yellingfrogs.com/index2.php?id=106&s1=350712&s2=[]&s3=3314&s4=0&p=nl2bit5e 172.67.216.239
https://uncutstoning.com/?[] 172.67.171.54
https://bronzinn.com/click?trvid=10271&s2=[]&s1=350712&s3=3314 52.205.18.96
https://www.qw5dvch.com/[]/?uid=1238&sub1=clrynx4s860k&sub2=3314 34.98.123.50
https://ss947eftrkflw.com/transaction/click/[] 104.21.63.60
https://crypto-appreciate.com/bitcoin-system-triple/index-nl.html?lang=nl&id=[]&offer_id=393&affiliate_id=25&t=3&ip=[]&country_code=NL&source=&aff_sub=clrynx4s860k&aff_sub2=3314&aff_sub3=&aff_sub4=&aff_sub5=&platform_key=[]&transaction_id=[]9 84.17.46.50
Spamvertised website
2021-12-08 nadisdh.com. 60 IN A 212.109.199.174
Received: from eaquegmhjm.cloudfront.net (20.68.129.110)
From: Collagen, Collagen, <noreply@info.dnb.no>
Subject: 𝟔 𝐠𝐨𝐝𝐞 𝐠𝐫𝐮𝐧𝐧𝐞𝐫 𝐭𝐢𝐥 å 𝐭𝐚 𝐂𝐨𝐥𝐥𝐚𝐠𝐞𝐧 𝐏𝐥𝐮𝐬
Date: Mon, 06 Dec 2021 10:5x:xx +0000
http://nadisdh.com/rd/[] 188.120.247.225
https://www.explicitcrackbeams.com/[]/?sub1=10&sub2=[]&sub3=[] 209.236.123.241
http://www6.andromedanebula.com/?[] 35.186.238.101
spam emitters
Received: from s2.megojom.ru (megojom.ru [109.71.12.218])
Date: Wed, 8 Dec 2021 10:0x:xx +0000
From: Aleksandr <info@s2.megojom.ru>
Subject: Предложение
109.71.12.218 megojom.ru
109.71.12.219 tefalongo.ru
109.71.12.220 eseneno.ru
109.71.12.221 derwerer.ru
109.71.12.222 grehemon.ru
Chinese phisher landing sites.
The usual Chinese reverse proxy here.
—2021-12-08 17:50:26— https://amaxazpasnd.servepics.com/?user_token=x@x…
loan spam
helo: bizcloud-box.iye.com.de
msgid: x@iye.com.de
Reply-To: BLIF@protonmail.com
srcip: 138.68.229.160
bodyfrom: BLIF — Bahrain Investment Support Company
Subject: BLIF — Financial Facilities To Business Owners
timestamp: 2021-12-08 x
Malicious site.
Fake Microsoft "you have a virus, call this number" scam site. Usually arrived at by a sea of redirectors. Expects you to call (050)5806-8334
phishing server
132.145.144.87|citi1secure.com|2021-12-04 23:01:02
132.145.144.87|citi5secure.com|2021-12-04 01:40:49
132.145.144.87|citi8secure.com|2021-12-07 21:26:12
132.145.144.87|citionlysecure.com|2021-12-05 08:05:53
phishing server
RedLineStealer botnet controller @91.243.32.50
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 91.243.32.50 on port 63948 TCP:

$ telnet 91.243.32.50 63948
Trying 91.243.32.50...
Connected to 91.243.32.50.
Escape character…
phishing server