The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 137.184.6.37 on port 7121 TCP:
$ telnet 137.184.6.37 7121
Trying 137.184.6.37…
Connected to 137.184.6.37.
Escape character…
Read more: WSHRAT botnet controller @137.184.6.37
Phishing payload against the Finnish national health
$ host danske-pankki.work
danske-pankki.work has address 172.67.211.228
danske-pankki.work has address 104.21.85.232
danske-pankki.work has IPv6 address 2606:4700:3034::ac43:d3e4
danske-pankki.work has IPv6 address 2606:4700:3034::6815:55e8
hxxps[://]danske-pankki[.]work/kanta.php — geoblocked by Cloudflare from anywhere else but the intended target market, confirmed by VPN
spam emitters
Received: from s6.megojom.ru (megojom.ru [185.186.2.106])
Date: Tue, 26 Oct 2021 11:1x:xx +0000
From: Aleksandr <info@s6.megojom.ru>
Subject: Предложение
185.186.2.106 megojom.ru
185.186.2.107 tefalongo.ru
185.186.2.108 raferenco.ru
185.186.2.109 telefonsho.ru
185.186.2.110 grehemon.ru
BitRAT botnet controller @34.121.150.14
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 34.121.150.14 on port 4542 TCP:
$ telnet 34.121.150.14 4542
Trying 34.121.150.14…
Connected to 34.121.150.14.
Escape character…
Read more: BitRAT botnet controller @34.121.150.14
Spamvertised website
2021-10-26 crystals.com.de. 60 IN A 165.232.118.6
2021-10-25 crystals.com.de. 60 IN A 46.101.3.14
Received: from gotogml.com (gotogml.com. [185.122.223.223])
From: 🔔Gemeentelijk Energie <[]@gotogml.com>
Date: Fri, 08 Oct 2021 09:1x:xx +0000
Subject: Nieuw in uw gemeente: bespaar via het Gemeentelijke Energie Collectief
http://crystals.com.de/rd/[] 185.146.157.69
https://laudypauty.com/[] 209.159.146.166
https://sendt.go2cloud.org/aff_c?offer_id=2893&aff_id=1482&aff_sub=472864&aff_sub2=[]&aff_sub3=31 18.202.12.61
spam emitter @50.116.30.44
Received: from overca.com (50.116.30.44)
From: Apple Umfrage<reply@apple.ru!>;<service@stayfriends.de>
Subject: Die ersten iPhones 12 sind im Laden. Einer ist für dich []
Date: Mon, 25 Oct 2021 18:3x:xx +0000
Estonian corporate undertaker spam
Return-Path: <eisoovi2021@gmail.com>
Received: from keen-bose.206-189-108-1.plesk.page (unknown [206.189.108.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by x (Postfix) with ESMTPS id x for <x>; Mon, 25 Oct 2021 ##:##:## +0000 (UTC)
or
Received: from sad-volhard.143-110-216-170.plesk.page (unknown [143.110.216.170]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by x…
Read more: Estonian corporate undertaker spam
Phishing payload against OP Financial Group (Finland)
$ host op-paasy.work
op-paasy.work has address 172.67.199.154
op-paasy.work has address 104.21.36.209
op-paasy.work has IPv6 address 2606:4700:3035::ac43:c79a
op-paasy.work has IPv6 address 2606:4700:3033::6815:24d1