Source | Description | Last Seen | References |
---|---|---|---|
Phishtank | Suspected phishing site, identified through community verification and analysis | 08/30/2020 06:21:18 (UTC) | |
Public Mastodon servers | Associated with Public Mastodon servers | 12/20/2022 00:00:00 (UTC) | |
oisd.nl | Malware detected with this host, including blocks ads, (mobile) app ads, phishing, malvertising, malware, spyware, ransomware, cryptoJacking, scam, etc. | 11/19/2024 00:05:32 (UTC) | 10doigt.fr,123mkv.space,24pharm.online,42a5d530ec972d8994.com,61739011039d41a.com,ad.obuy.tw,adskeeper.co,aitu.red,annoyincumbent.top,archivesdepartementales.fr,asoti.top,baberas.top,barnsalodial.top,berispat.top,bibita.fr,boch-home.com,bouyuestelecom.fr,brcodepot.fr,bricodept.fr,cancerdepiel.info,candimix.fr,cd490573c64f3f.com,centreinffo.fr,ceteleme.fr,chgas.top,clubdoctissimo.fr,cocogg.fr,coinorbitfxtrade.com,commisariat.fr,connect-racco.fr,copernicusdm.pl,coulidor.fr,covidcrisis.info,crackkeygengame.com,creancespublic.fr,dailyinformations.com,dcotolib.fr,decathln.fr,defis-metier.fr,demandedelogement35.fr,demandedelogement56.fr,diwcord.com,dmlight.fr,dos.velek.com,doublehsupply.net,economicalerts.com,edisaxe.fr,equpe.fr,facelikes.net,fairnessels.com,fcsm.fr,forexinsurance.com,formassmat.fr,freebookmarkme.xyz,full-vip.top,fxclix.com,geoportails.fr,gfind.org,giventhe.com,gmrewardsmastercardsweps.com,groupbuyluxury.com,hackcheatz.com,hondrox.fr,htpsssmobiletwitter.com,httpsssmobiletwiter.com,httpsssmobiletwitter.com,i010b048d3e4a1e4b70aba72b169e70c90971f9.xyz,impotgouvernement.fr,indeeed.fr,iparcour.fr,keytds.ru,kickasstorrents.website,kino-filmy.pl,kiwi123kiwi.work,klibero.it,kmfuda.com,laurentmariotte.fr,lavor.fr,lesphotosscolaires.fr,levemir.info,line-b.vip,lingui.fr,livrescolair.fr,lyoncapital.fr,magoo.in,maisen.grass.com,maretraitesnupes.fr,mariefrancemagazine.fr,mastercardsoccersweep.com,mcdonlds.fr,media-planeta.pl,megago.com,microsoft.blg.lt,modialrelay.fr,mondialtissu.fr,moneytwinss.com,monlabomesanalyses.fr,monpower.fr,msmrus.ru,mtpgame.com,nesuc.com,newsm247.online,nisbet.fr,onisap.fr,pancaliente.info,partenord.fr,personalico.xyz,pmuturf.fr,populis.fr,prefecturedurhone.fr,premiumhackgames.com,pronot.fr,pronotes.fr,ranal.net,redure.com,reg.chaindaohang.com,replubblica.it,routenplaner-online.de,rownip.dyndnss.netrownip.dyndnss.net,samskuad.work,simpccity.su,simpciity.su,simpocity.su,sipmcity.su,skycanner.fr,smokinhotsolos.com,spekturm.de,srvice-public.fr,teamtesters.com,the-decomposers.com,thequantumcode.net,toren.biz,tuyfly.fr,uprisingdlcfree.com,vollebude.de,vruna.com,wapdollar.in,websitedev.online,wellsfargobusinesscreditcards.com,windaw.com,wordonline.fr,wwamelie.fr,wwwcmu.fr,wwwcnfpt.fr,wwwdhl.fr,wwwespaceclientcanal.fr,wwwinsee.fr,xn--mdicale-bya.fr,xn--monanesthsiste-jkb.fr,xn--monkitrentre-leb.fr,xn--pass-ducation-fhb.fr,xn--rgionsud-b1a.fr,xn--somedsant-j4a.fr,xxcsgoxx.javafaq.nu,youthstockholm50.global,youtubeabone.xyz |
Politie.nl | Malware detected with this host, including domains and IPs used for phishing attacks and malware distribution. | 12/28/2023 01:24:40 (UTC) | 0www.cloud-miner.de,10doigt.fr,17845.againd.name,2997.againd.name,2l.googlo.co,3a.googlo.co,42a5d530ec972d8994.com,61739011039d41a.com,ad.obuy.tw,admin.adverti.io,ads.at.adcenter.net,adskeeper.co,advertiser.adverti.io,archivesdepartementales.fr,banners.bannerlandia.com.ar,billing.adverti.io,blog.advancets.org,bouyuestelecom.fr,brcodepot.fr,bricodept.fr,cancerdepiel.info,candimix.fr,cd490573c64f3f.com,cdn.adverti.io,centreinffo.fr,ceteleme.fr,cgooglo.cohijack.googlo.co,clubdoctissimo.fr,cocogg.fr,commisariat.fr,connect-racco.fr,copernicusdm.pl,coulidor.fr,crackkeygengame.com,creancespublic.fr,ct.adcenter.net,dashboard.adverti.io,dcotolib.fr,defis-metier.fr,demandedelogement35.fr,demandedelogement56.fr,diwcord.com,dmlight.fr,dos.velek.com,edisaxe.fr,education.advancets.org,equpe.fr,fairnessels.com,fcsm.fr,formassmat.fr,ftp.whatstheirip.com,fxclix.com,geoportails.fr,hackcheatz.com,hdcebky.heartchakracheckup.com,help.adverti.io,hj.googlo.co,hondrox.fr,htpsssmobiletwitter.com,httpsssmobiletwiter.com,httpsssmobiletwitter.com,i010b048d3e4a1e4b70aba72b169e70c90971f9.xyz,image.advancets.org,img.bannerlandia.com.ar,img.thebugs.ws,indeeed.fr,iparcour.fr,j.googlo.co,js.wapdollar.in,keytds.ru,kickasstorrents.website,kino-filmy.pl,klibero.it,laurentmariotte.fr,lavor.fr,lesphotosscolaires.fr,lingui.fr,livrescolair.fr,lyoncapital.fr,mariefrancemagazine.fr,mcdonlds.fr,media-planeta.pl,microsoft.blg.lt,modialrelay.fr,mondialtissu.fr,monpower.fr,mtpgame.com,n4.pancaliente.info,nisbet.fr,onisap.fr,p242.againd.name,pancaliente.info,partenord.fr,passwd.thebugs.ws,pet.thebugs.ws,populis.fr,premiumhackgames.com,pronot.fr,pronotes.fr,q4z6e.googlo.co,replubblica.it,retraitemoncompte.fr,routenplaner-online.de,samskuad.work,serve.adverti.io,skycanner.fr,srvice-public.fr,tds-crew.thebugs.ws,tester.advancets.org,timg.advancets.org,uprisingdlcfree.com,wapdollar.in,wordonline.fr,ww25.61739011039d41a.com,ww38.fairnessels.com,ww84.61739011039d41a.com,wwwespaceclientcanal.fr,xn--mdicale-bya.fr,xn--monanesthsiste-jkb.fr,xn--monkitrentre-leb.fr,xn--pass-ducation-fhb.fr,xn--somedsant-j4a.fr |
ZeroDot1 CoinBlockerLists | Involved in cryptojacking | 11/25/2024 00:11:49 (UTC) | 0.0bureau-a-distance-1.c-cex.com,0antivirus.c-cex.com,0antivirus1.c-cex.com,0betastratum.coinking.io,0bureau-a-distance-1.c-cex.com,0bureau-a-distance-6.c-cex.com,0corona.c-cex.com,0eu1.coinking.io,0freeofvirus.c-cex.com,0ftp.coinking.io,0helpdesk.coinking.io,0hostmaster.www.c-cex.com,0imap.coinking.io,0m2.c-cex.com,0napple.coinking.io,0nasia1.coinking.io,0nasia2.coinking.io,0noreply.c-cex.com,0scrypt1.coinking.io,0us2.coinking.io,0virus.c-cex.com,0viruscomix.c-cex.com,0www.cloud-miner.de,0www.coinking.io,0www.ftp.coinking.io,0yeastinfectioncurehq.c-cex.com,antivirus.c-cex.com,antivirus1.c-cex.com,apple.coinking.io,blog.coinking.io,bureau-a-distance-6.c-cex.com,eu1.coinking.io,eu2.coinking.io,flypool.com,freeofvirus.c-cex.com,ftp.coinking.io,helpdesk.coinking.io,hideip.c-cex.com,imap.coinking.io,m.c-cex.com,m2.c-cex.com,mail.c-cex.com,mail.coinking.io,napple.coinking.io,nasia1.coinking.io,ostmaster.eu1.coinking.io,ostmaster.us2.coinking.io,ostmaster.watermelon.coinking.io,ostmaster.www.coinking.io,ring.c-cex.com,rpc.scrypt1.coinking.io,samsin34.c-cex.com,smtp.c-cex.com,us1.coinking.io,viruscomix.c-cex.com,watermelon.coinking.io,www.antivirus1.c-cex.com,www.asia1.coinking.io,www.betastratum.coinking.io,www.coinking.io,www.m.c-cex.com,www.m2.c-cex.com,www.mail.c-cex.com,www.noreply.c-cex.com,www.rpc.scrypt1.coinking.io,www.trossmining.de,www.us2.coinking.io,www.watermelon.coinking.io,yeastinfectioncurehq.c-cex.com |
Hybrid-Analysis | Host has shown activity related to malware. | 11/27/2024 05:15:08 (UTC) | 2024wallet.xyz,admin.rviewingamazon.com,amazonbuisness.com,apple.iphone-location.us,artverify.xyz,asicloud.xyz,b-graph.facegook.com,bank-wallet.xyz,basepayments.xyz,bitcoinmanager.xyz,bitcoinwalletbtc.xyz,btc-15.bitcoincashabc.xyz,btc-coin.xyz,btcza.xyz,bulkpayments.xyz,c3-amazon.top,cicd.1wjccb.top,citibankcreditcardpayment.com,coincbdc.xyz,commer.su,contactfacebookcustomerservice.com,cpanel.amazonap.com,crullkats.top,db.gmagl.com,dbscardgame.com,dreamwallet.xyz,drivegoogle.com,epicpayment.xyz,esperanza.info,facepayments.xyz,factonline.xyz,fleza.xyz,flixhq.re,flower-delivery-service.xyz,fmvs.jp,foodpayment.xyz,foulji.facegook.com,foxpayment.xyz,fr.wakeupmicrosoft.com,grandwallet.xyz,host4star.com,https.wwwfacebook.co,ilovetehpussay.host4star.com,img.mangastream.to,immersive-wallet.xyz,industry.tj.mypolicy.top,info.paypalbitcoin.com,japanpayment.xyz,kemono.sy,microsoftexcel.it,microsoftintern.org,multiplaza.xyz,ns.correo.tbmc.ie,ns.sipayments.xyz,onlinebanks.xyz,paypalaccountssettlement.com,pmuturf.fr,pp.paypalbitcoin.com,proverify.xyz,quantbank.xyz,rakuten.1wfjd.top,ramblinghouse.org,reddit.rest,redirectwallet.xyz,robotwallet.xyz,sapple.iphone-location.us,sb-graph.facegook.com,seekpayment.xyz,selfpayment.xyz,sites.paypalbitcoin.com,smbasic.facegook.com,smilewallet.xyz,soundalert.xyz,ssmbasic.facegook.com,stanza.info,sts.mfa.gov.tr.mypolicy.top,superverify.xyz,support.apple.iphone-location.us,syncbitcoin.xyz,techpayment.xyz,tokenscoop.xyz,tokensupplier.xyz,trustlesswallet.xyz,usapayments.xyz,verifyapp.xyz,verifycasino.xyz,verifyverse.xyz,verifyworld.xyz,viruscoin.xyz,vpn.facegook.com,vpnpayments.xyz,wallet-bank.xyz,wallet678.xyz,walletbasket.xyz,walletmints.xyz,walletprompt.xyz,walletreports.xyz,walletverify.xyz,webdisk.amazonap.com,webmail.amazonap.com,ws.zaxy.xyz,ww1.irisverify.xyz,ww12.walletverify.xyz,yaoo.co.uk,youralert.xyz,youtub.de,youverify.xyz,zagy.xyz |
urlscan.io | Phishing detected during url scan | 11/27/2024 00:11:08 (UTC) | access.hotmaol.nl,admin.floralexplorations.com,analytics.nitroracer.com,androidkino.zetflix-biz.site,anyconnect.hotmaol.nl,anywhere.hotmaol.nl,app1.snobud.com,app1.top-franchising.com.ua,app1.trustpiolet.com,appie.57-1.com,appie.costa-crociere.com,appie.polkadotexchange.xyz,appie.qcfemployeebenefits.com,applications.hotmaol.nl,applydiscovrrit.com,apps.hotmaol.nl,asp.hotmaol.nl,autoconfig.amazon.net.au,autoconfig.cybersport.it,awvpn.hotmaol.nl,bimbelonlinepolisi.yellowpages.com.my,cisapp.hotmaol.nl,citrixcloud.hotmaol.nl,clientesvpn.hotmaol.nl,connect.hotmaol.nl,cuvpn.hotmaol.nl,discobars.it,ebdisk.facebook.invitse.com,exchange.hotmaol.nl,facebook.invitse.com,google.cibet.com,google.com.bestweb.it,google.com.rednote.com,gookgle.pl,gp.hotmaol.nl,hytrin.zepzip.info,i.hotmaol.nl,identity.hotmaol.nl,isoremote.vulcanrider.se,kahoot.microsoft.notebookcast.prnewswire.fi,mail01.epsilon.com.au,microsoft.cdu.com,mobileconnect.hotmaol.nl,mojknaqp.freeonlinecreditscore.com,monitoring-software.heavenward.ru,mywork.hotmaol.nl,notexistsapi.lululemonreards.com,notexistsbackend.spaceexplorationday.space,notexistsdev.lululemonreards.com,ofinovardweb.vulcanrider.se,online.hotmaol.nl,owa.hotmaol.nl,portal-labvpn.hotmaol.nl,portal.hotmaol.nl,pro.hotmaol.nl,pro.vulcanrider.se,pvc.hotmaol.nl,pvitu.hotmaol.nl,reporting.theschoolofthedamned.com,roblox.t-shirt.com,root.thecyberstore.com,rustihogar.com,rxsemaglutide.com.psychedeliccounselingforum.net,samazon.amsung.com,scotiaweb.scotiabank.net,shop.dynomat.com,smtps.intl.paypala.com,sportdobermann.at,stor.sreampowered.com,storr.sreampowered.com,superset.cukierbrzozowy.pl,translate.ggogle.es,tv.zip-pay.com,twitch.bulcao.com,vpn-ext.hotmaol.nl,vpn.hotmaol.nl,vpn.oudlook.com,vpn1.oudlook.com,vpn2.oudlook.com,vpn2x.hotmaol.nl,vpn5a.hotmaol.nl,vpnadm.hotmaol.nl,vpnapac.hotmaol.nl,vpngate.hotmaol.nl,vpngw.hotmaol.nl,vpnma.hotmaol.nl,webdisk.wwwroblox.net,webvpn.hotmaol.nl,ww.nitrogena.com,ww2.dynomat.com,ww5.rollblox.com,xapp.hotmaol.nl,xd.hotmaol.nl |
Botvrij | Malicious bot activity or other cyber threats, based on reports from users and trusted sources. Reason: Anomali Open Source Threat Intelligence (COVID-19-themed Cyber Attacks) | 11/22/2024 00:00:34 (UTC) | coronavirusmedicalkit.com |
Botvrij | Malicious bot activity or other cyber threats, based on reports from users and trusted sources. Reason: Covid Slack IOC - bambenek Curated List of Covid Themed Domains from Anomali | 11/22/2024 00:00:34 (UTC) | coronavirusmedicalkit.com |
Botvrij | Malicious bot activity or other cyber threats, based on reports from users and trusted sources. Reason: Coronavirus Threat Landscape Update - Proofpoint | 11/22/2024 00:00:24 (UTC) | coronavirusmedicalkit.com |
PhishStats | Phishing URL | 09/01/2024 20:18:25 (UTC) | allegro.pll.pl,rtyquzkg.swissquotestaking.k888vip.xyz,swissquotestaking.k888vip.xyz |
Phishing Army | Involved in phishing activities | 11/22/2024 00:05:16 (UTC) | allegro.pll.pl,alt1.aspmx.l.google.com.documentare.it,alt1.aspmx.l.google.com.mydocuments.it,alt1.aspmx.l.google.com.serviceclean.it,alt1.aspmx.l.google.com.servicequality.it,app1.sacpros.org,apple-realm.de,apple.iphone-location.us,aspl.google.com.documentare.it,aspmx.l.google.com.bankok.it,aspmx.l.google.com.serviceclean.it,b-graph.facegook.com,cancerdepiel.info,foulji.facegook.com,google.com.mydocuments.it,google.com.servicequality.it,l.google.com.bankok.it,l.google.com.documentare.it,l.google.com.mydocuments.it,l.google.com.needhelp.it,l.google.com.serviceclean.it,l.google.com.servicequality.it,ljxvdkwz.swissquotestaking.k888vip.xyz,mail11.facegook.com,mbasic.facegook.com,mta-sts.aspmx.l.google.com.bankok.it,mta-sts.aspmx.l.google.com.needhelp.it,mta-sts.aspmx.l.google.com.serviceclean.it,mta-sts.aspmx.l.google.com.servicequality.it,ns.correo.tbmc.ie,rtyquzkg.swissquotestaking.k888vip.xyz,sapple.iphone-location.us,sb-graph.facegook.com,smbasic.facegook.com,ssmbasic.facegook.com,support.apple.iphone-location.us,swissquotestaking.k888vip.xyz,vpn.facegook.com |
Abuse.ch ThreatFox | Deemed malicious due to: Nanocore RAT | 09/27/2023 18:39:36 (UTC) | xxcsgoxx.javafaq.nu |
PhishTank | Detected phishing site focused on: {action} | 11/01/2024 12:06:46 (UTC) | cancerdepiel.info,ljxvdkwz.swissquotestaking.k888vip.xyz |
Abuse.ch ThreatFox | Deemed malicious due to: AsyncRAT | 09/10/2023 21:58:14 (UTC) | rownip.dyndnss.netrownip.dyndnss.net |
Copyright © 2024 SecureFeed. All rights reserved.
Terms of Service | Privacy Policy