Received: from llce.top (45.45.216.214)
Date: Thu, 02 Dec 2021 09:0x:xx +0000
Subject: Skann datamaskinen med Norton Secured
From: Norton AntiVirus <mail@luckyjackpot4you.com>

https://llce.top/index.php/campaigns/[] 45.45.216.214
https://track.helloproducts4you.com/3[] 18.196.84.70
https://contestwinpros.com/nep80/22/ 162.0.217.38
Carding fraud site/forum DNS: kak-prigotovit-spagetti.ru (ccst0re.ru / yalelodge-shop.com / sky-fraud.su etc.)
Hosting 100s of sites with stolen credit card data:
Stolen credit card data website example:

ns1.kak-prigotovit-spagetti.ru. 21316 IN A 185.41.163.33
ns2.kak-prigotovit-spagetti.ru. 18328 IN A 149.154.71.252
__________________________
Was:
ns1.kak-prigotovit-spagetti.ru. 21316 IN A 185.41.163.33
ns2.kak-prigotovit-spagetti.ru. 18328 IN A 69.25.117.209
__________________________
Was:
ns1.kak-prigotovit-spagetti.ru. 21316 IN A 176.107.160.199
ns2.kak-prigotovit-spagetti.ru. 18328 IN A 193.201.126.111
__________________________
Was:
ns1.kak-prigotovit-spagetti.ru. 21316 IN A…
spam emitter @69.169.224.2
Received: from b224-2.smtp-out.eu-central-1.amazonses.com (69.169.224.2)
Subject: News: China Officially Backs a CryptoCurrency and It’s Already in Sweden
From: Malin Holm <holm@morningstocktip.com>
Date: Thu, 2 Dec 2021 05:4x:xx +0000
spam emitters
Received: from s7.megojom.ru (megojom.ru [81.163.24.106])
Date: Thu, 2 Dec 2021 07:3x:xx +0000
From: Aleksandr <info@s7.megojom.ru>
Subject: Предложение

81.163.24.106 megojom.ru
81.163.24.107 tefalongo.ru
81.163.24.108 eseneno.ru
81.163.24.109 derwerer.ru
81.163.24.110 welbryh.ru
RedLineStealer botnet controller @65.108.21.21
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 65.108.21.21 on port 18653 TCP:

$ telnet 65.108.21.21 18653
Trying 65.108.21.21…
Connected to 65.108.21.21.
Escape character…
spam emitter @54.240.7.30
Received: from a7-30.smtp-out.eu-west-1.amazonses.com (54.240.7.30)
From: Confirmation<unsubscribe6918@sanjaysdiesel.shop>
Subject: Unsubscribe_me
Date: Thu, 2 Dec 2021 04:5x:xx +0000
phishing server
phishing server
Malware botnet controller @95.213.216.194
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 95.213.216.194 on port 443:

$ telnet 95.213.216.194 443
Trying 95.213.216.194…
Connected to 95.213.216.194.
Escape character is…
Loki botnet controller @172.67.149.73
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Loki botnet controller located at 172.67.149.73 on port 80 (using HTTP POST):
hXXp://lokich.xyz/icecobe/so/lc.php

$ dig +short lokich.xyz
172.67.149.73

Referencing malware binaries (MD5 hash):
87318f1d305066bd1c251de584450134 — AV detection:…