Hosting.Black — Страница 47 — Полный архив спамхауса, просто так, чтобы было для Истории рынка | hostsuki.link | добавить мониторинг если нету категории/компании, напишите на hosting-black@hosting.wtf

Loki botnet controller @188.114.96.15

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Loki botnet controller located at 188.114.96.15 on port 80 (using HTTP POST): hXXp://qtd8gcdoplav737wretjqmaiy.gq/Kent2/fre.php $ dig +short qtd8gcdoplav737wretjqmaiy.gq 188.114.96.15 Referencing malware binaries (MD5 hash): 01dfa2db4bfb87e5a5d2d4e5d8c00f5f — AV detection:… Читать далее Loki botnet controller @188.114.96.15

Suspected Snowshoe Spam IP Range — Moroccans, maybe?

2022.03.16 The same spammer can be found in: 139.99.136.0/24, 139.99.160.0/24, 51.161.148.0/24 Based on research, analysis of network data, our ‘snowshoe’ spam detection systems, intelligence sources and our experience, Spamhaus believes that this IP address range is being used or is about to be used for the purpose of high volume ‘snowshoe’ spam emission. As a… Читать далее Suspected Snowshoe Spam IP Range — Moroccans, maybe?

phishing server

3.143.208.201|accountrecovery-chase.com|2022-03-15 16:58:04 3.143.208.201|chasebank-accounthelp.com|2022-03-15 20:31:23 3.143.208.201|chasebank-accountrecovery.com|2022-03-15 21:36:38 3.143.208.201|identitysupport-wellsfargo.com|2022-03-15 16:58:04 3.143.208.201|redirect-chaseonline.com|2022-03-15 23:06:23 3.143.208.201|redirect-securelogin-wellsfargo.com|2022-03-16 03:56:55 3.143.208.201|wellsfargo-accountrecovery.com|2022-03-15 19:32:03

Loki botnet controller @193.42.113.143

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 193.42.113.143 port 443: $ telnet 193.42.113.143 443 Trying 193.42.113.143… Connected to 193.42.113.143. Escape character is ‘^]’… Читать далее Loki botnet controller @193.42.113.143

phishing server

3.144.111.184|mtalert.com|2022-03-06 18:16:01 3.144.111.184|mtbankresponse.com|2022-03-14 11:45:25 3.144.111.184|mtbankresponse.net|2022-03-14 00:21:14 3.144.111.184|mtbankresponseapp.com|2022-03-13 08:11:28 3.144.111.184|mtbankresponsedirect.com|2022-03-12 22:56:08 3.144.111.184|mtbresponsecase.com|2022-03-08 03:45:22 3.144.111.184|mtquickresponsecase.com|2022-03-06 18:51:23 3.144.111.184|mywaoeamnrwam.com|2022-03-14 09:45:22 3.144.111.184|newwaoeamnrwam.com|2022-03-08 19:27:25 3.144.111.184|pay2xfinity.com|2022-03-15 21:22:21 3.144.111.184|payxfinitynow.com|2022-03-15 21:22:09 3.144.111.184|portalaccessupdate.com|2022-03-05 18:06:49 3.144.111.184|securecitizensbankcase.com|2022-03-15 20:37:22 3.144.111.184|securecomcast.com|2022-03-15 21:22:21 3.144.111.184|securewellsfargoresponse.com|2022-03-15 02:45:27 3.144.111.184|secxfinity.com|2022-03-15 21:22:16 3.144.111.184|supportmtbportal.com|2022-03-04 08:19:00 3.144.111.184|waoeamnrwam.com|2022-03-09 23:45:27 3.144.111.184|waoeamnrwamgroup.com|2022-03-14 15:45:27 3.144.111.184|waoeamnrwamshop.com|2022-03-13 16:06:52 3.144.111.184|wellsfargohelpcase.com|2022-03-14 19:46:58 3.144.111.184|wellsfargohelpscase.com|2022-03-14 20:17:09 3.144.111.184|wellsfargoresponse.com|2022-03-14 19:46:38 3.144.111.184|www.wellsfargoresponse.com|2022-03-14 12:10:34

Loki botnet controller @185.68.21.19

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 185.68.21.19 port 443: $ telnet 185.68.21.19 443 Trying 185.68.21.19… Connected to 185.68.21.19. Escape character is ‘^]’… Читать далее Loki botnet controller @185.68.21.19

Malware / Botnet / Phishing hosting server @193.42.113.176

According to our telemetry and our own intelligence, the host at this IP address has been setup by cyber criminals for the exclusive purpose of hosting phishing sites, malware distribution sites and/or botnet controllers. We therefore advise our users to block any traffic from/to this IP address. Malware botnet controller located at 193.42.113.176 443 TCP:… Читать далее Malware / Botnet / Phishing hosting server @193.42.113.176

phishing server

164.92.94.73|authorizewells.com|2022-03-15 01:31:27

Malware botnet controller @198.244.224.126

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller at 198.244.224.126$ telnet 198.244.224.126 443 Trying 198.244.224.126… Connected to 198.244.224.126. Escape character is ‘^]’ on port 443. Malicious domains observed at this IP address:… Читать далее Malware botnet controller @198.244.224.126

phishing server

20.22.209.232|updateswellsfargo.com|2022-03-14 23:41:30