The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Loki botnet controller located at 34.67.200.50 on port 80 (using HTTP POST):
hXXp://domynuts.ga/accounts/fre.php

domynuts.ga. 300 IN A 34.67.200.50

$ nslookup 34.67.200.50
50.200.67.34.bc.googleusercontent.com

Referencing malware binaries (MD5 hash):…
GCleaner botnet controller @185.231.245.232
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

GCleaner botnet controller located at 185.231.245.232 on port 80 (using HTTP GET):
hXXp://postbackstat.biz/check.php

Malware botnet controller at 185.231.245.232 on port 443.

$ telnet 185.231.245.232 443
Trying 185.231.245.232……
Malware botnet controllers @45.8.124.17
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 45.8.124.17 on port 443:

$ telnet 45.8.124.17 443
Trying 45.8.124.17…
Connected to 45.8.124.17.
Escape character is…
phishing server
34.125.100.143|accountinfo.net|2021-11-29 20:26:46 34.125.100.143|onli2ne-login01citi.com|2021-11-30 19:41:16 34.125.100.143|securemyinfo.net|2021-11-30 17:11:47 34.125.100.143|secverifymyinfo.com|2021-11-28 16:55:43 34.125.100.143|secverifymyinfo.support|2021-11-28 19:35:51
phishing server
online-citi-secure-panel-secure-site.com 2021-11-30 19:36:31 online-citi-secure-panel-secure-recovery.com 2021-11-30 19:55:13
Spam source
Return-Path: <marshal.sequira@us-insight.com>
Received: from ipsa.2.rmjb2.com (ipsa.2.rmjb2.com [54.38.144.192]) by [] (8.14.7/8.14.7) with ESMTP id [] (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO) for []; Tue, 30 Nov 2021 13:[]:[] -0500
Authentication-Results: []
DKIM-Signature: []
Return-Receipt-To: «marshal sequira» <marshal.sequira@us-insight.com>
From: «marshal sequira» <marshal.sequira@us-insight.com>
To: []
Subject: LIMS / CTMS — Tech Users Accounts
Date: Tue, 30 Nov 2021 10:[]:[] -0800…
AsyncRAT botnet controller @20.151.221.59
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 20.151.221.59 on port 1604 TCP:

$ telnet 20.151.221.59 1604
Trying 20.151.221.59…
Connected to 20.151.221.59.
Escape character…
phishing server
spam emitter @143.198.53.108
Received: from mail.omsking.me (143.198.53.108)
From: «BTC Kontosaldo» <contact@omsking.me>
Subject: [], saldoen din er klar for utbetaling i dag
Date: Tue, 30 Nov 2021 07:4x:xx -0800
spam emitters
Received: from s8.megojom.ru (megojom.ru [77.244.216.133])
Date: Tue, 30 Nov 2021 04:0x:xx +0000
From: Aleksandr <info@s8.megojom.ru>
Subject: Предложение

77.244.216.130 tefalongo.ru
77.244.216.131 eseneno.ru
77.244.216.132 derwerer.ru
77.244.216.133 megojom.ru
77.244.216.134 welbryh.ru