# # File: Risk # Info: Worst ISP Bots/Spam, Software Hosts, Potential domains used by compromised devices # Domains: 202 # Updated: 11/22/2024 19:43 (7:43 PM CST) # # RAW: https://raw.githubusercontent.com/ShadowWhisperer/BlockLists/master/Lists/Risk # Git: https://github.com/ShadowWhisperer/BlockLists.git # ########################################################################################### # https://www.spamhaus.org/statistics/networks/ # ########################################################################################### tedata.net #ISP Worst Botnet Oct 2019 te.eg #ISP Worst Botnet Oct 2019 vnnic.vn #ISP Worst Botnet Oct 2019 adityabirla.com #ISP Worst Botnet Feb 2020 algerietelecom.dz #ISP Worst Botnet Feb 2020 chinanet.cn.net #ISP Worst Botnet Feb 2020 cnc-noc.net #ISP Worst Botnet Feb 2020 ptcl.net.pk #ISP Worst Botnet Feb 2020 sancharnet.in #ISP Worst Botnet Feb 2020 telkom.co.id #ISP Worst Botnet Feb 2020 vnnic.net.vn #ISP Worst Botnet Feb 2020 zx.nl #ISP Worst Botnet Feb 2020 zvi.ru #ISP Worst Botnet Apr 2020 zylon.net #ISP Worst Botnet May 2020 charter.net #ISP Worst Botnet Nov 2020 chinamobile.com #ISP Worst Botnet Nov 2020 ntl.com #ISP Worst Botnet Nov 2020 rr.com #ISP Worst Botnet Nov 2020 airtel.in #ISP Worst Spam Feb 2019 kornet.net #ISP Worst Spam Oct 2019 moldtelecom.md #ISP Worst Spam Oct 2019 htu.cc #ISP Worst Spam Feb 2020 spectranet.com.ng #ISP Worst Spam Feb 2020 zzidc.com #ISP Worst Spam Feb 2020 fos-vpn.org #ISP Worst Spam Apr 2020 chinaccs.cn #ISP Worst Spam May 2020 fink.org #ISP Worst Spam May 2020 ghlc.biz #ISP Worst Spam Jun 2020 inter-cloud.tech #ISP Worst Spam Jun 2020 colocrossing.com #ISP Worst Spam Nov 2020 skbroadband.com #ISP Worst Spam Apr 2021 wind.com.do #ISP Worst Spam Apr 2021 ########################################################################################### ########################################################################################### ariesbee.com #HoneyGain - Make money by sharing your Internet aurigabee.xyz #HoneyGain - Make money by sharing your Internet bootesbee.com #HoneyGain - Make money by sharing your Internet honeygain.com #HoneyGain - Make money by sharing your Internet 100k-faces.glitch.me #Create random fake users (Site it safe. Abused by scam/phising sites to show "user reviews") randomuser.me #Create random fake users (Site it safe. Abused by scam/phising sites to show "user reviews") https://randomuser.me/api/ generated.photos #Create random fake users (Site it safe. Abused by scam/phising sites to show "user reviews") static.generated.photos #Create random fake users (Site it safe. Abused by scam/phising sites to show "user reviews") kidinspector.com #Computer Monitoring mobistealth.com #Computer Monitoring retinax.com #Computer Monitoring cocospy.com #Computer / Phone Monitoring sharemyinsight.com #Customer Monitoring *Not likely user side cerberusapp.com #Phone Monitoring devicetrackerplus.com #Phone Monitoring eyezy.com #Phone Monitoring spy24.app #Phone Monitoring spyfone.com #Phone Monitoring spyhuman.com #Phone Monitoring spyine.com #Phone Monitoring spymasterpro.com #Phone Monitoring spyzie.io #Phone Monitoring mspy.de #Phone Tracking actualkeylogger.com #Keylogger ardamax.com #Keylogger bestxsoftware.com #Keylogger blazingtools.com #Keylogger elitekeyloggers.com #Keylogger iwantsoft.com #Keylogger kidlogger.net #Keylogger logixoft.com #Keylogger mobilespy.b-cdn.net #Keylogger netbull.com #Keylogger pctattletale.com #Keylogger refog.com #Keylogger relytec.com #Keylogger spyarsenal.com #Keylogger spyrix.cc #Keylogger spyrix.com #Keylogger spyrix.info #Keylogger win-spy.com #Keylogger wolfeye.us #Keylogger hikvision.com #Chineese Security Cameras - Banned By US Gov api.hikvision.com #Chineese Security Cameras - Banned By US Gov hikvision.com.cn #Chineese Security Cameras - Banned By US Gov codefactory.sh #Code Hosting onrender.com #Code Hosting codesandbox.io #Code Hosting - Hosts malware csb.app #Code Hosting - Hosts malware bitbucket.io #Code Hosting - Hosts malware / scam sites glitch.me #Code Hosting - Hosts malware / scam sites repl.co #Code Hosting - Hosts malware / scam sites repl.it #Code Hosting - Hosts malware / scam sites stackblitz.io #Code Hosting - Hosts malware / scam sites workers.dev #Code Hosting (Cloudflare Workers) appdomain.cloud #Cloud Storage (IBM) - Known to have malware top4top.io #Cloud Storage - Known to have malware aapks.com #APK Hosting (Android Apps) apkcombo.com #APK Hosting (Android Apps) apkcombo.org #APK Hosting (Android Apps) apkflash.com #APK Hosting (Android Apps) uptodown.com #APK Hosting (Android Apps) zde.cz #Redirector href.li #Referer Hiding noreferrer.cc #Referer Hiding refererhider.com #Referer Hiding kingoapp.com #Shady Software - Android Rooting Software oneclickroot.com #Shady Software - Android Rooting Software api-main.oneclickroot.com #Shady Software - Android Rooting Software apponic.com #Software Hosting avanquest.com #Software Hosting brothersoft.com #Software Hosting cache.filehippo.com #Software Hosting cdn.filehorse.netdna-cdn.com #Software Hosting crsky.com #Software Hosting dl1.filehippo.com #Software Hosting download82.com #Software Hosting downloadsoftware4free.com #Software Hosting en.vessoft.com #Software Hosting fileeagle.com #Software Hosting filehippo.com #Software Hosting filehorse.com #Software Hosting filehorse.sbsd-updates.eu #Software Hosting filesriver.com #Software Hosting freefiles-18.de #Software Hosting freesoftwarefiles.com #Software Hosting freeware.de #Software Hosting fs1.filesriver.com #Software Hosting fs2.download82.com #Software Hosting fyxm.net #Software Hosting getitfree.us #Software Hosting jetelecharge.com #Software Hosting oovoo.com #Software Hosting qarchive.org #Software Hosting sftapi.com #Software Hosting soft32download.com #Software Hosting softonic.com #Software Hosting softonic.info #Software Hosting softonic.it #Software Hosting softoniclabs.com #Software Hosting softpedia.com #Software Hosting vessoft.com #Software Hosting vessoftstatic.com #Software Hosting winsite.com #Software Hosting burrow.io #Share Localhost localhost.run #Share Localhost localtunnel.me #Share Localhost ngrok.io #Share Localhost showoff.io #Share Localhost ply.gg #Port Forward Alternative cprapid.com #Web Host [cPanel] - Some malware domains, some normal teste.website #Web Host [HostGator] - Some malware domains, some normal taskernet.com #Android [APP] Tasker Allows custom scripts to run in the background cdn.snipr.gg #Hacking Tool: Credential Stuffing Toolkit snipr.gg #Hacking Tool: Credential Stuffing Toolkit mitm.it #Hacking Tool: Man-In-Middle Proxy ifud.ws #Hacker Forum lolz.guru #Hacker Forum godaddysites.com #Un-Finished sites - Usually malware (Not always) portchecker.co #Port Scanner api.c99.nl #Can be used as a port scanner kms.chinancce.com #KMS Activation, for Pirated versions of Windows kms.lotro.cc #KMS Activation, for Pirated versions of Windows nodr.io #Uses your bandwidth "when you're not using it" # Android "AI" Companions https://www.youtube.com/watch?v=6uwVNufVnD8 ######################################################################### beta.character.ai #Character.AI character.ai #Character.AI neo.character.ai #Character.AI plus.character.ai #Character.AI api.ifriend.ai #EvaAI ifriend.ai #EvaAI api.linke.ai #Linky api-ws.linke.ai #Linky linke.ai #Linky staticai.linke.ai #Linky sync-image.linke.ai #Linky us-central1-lover-ai-chatbot.cloudfunctions.net #LoverAI gw.vsa.ai #Paradot withfeelingaitest.firebaseapp.com #Paradot api.polyspeak.ai #Poly.AI cdn.polyspeak.ai #Poly.AI pluto.polyspeak.ai #Poly.AI polyspeak.ai #Poly.AI sanxia.polyspeak.ai #Poly.AI replika.ai #Replika ws.replika.ai #Replika api.talkie-ai.com #Talkie bigdata.talkie-ai.com #Talkie connection.talkie-ai.com #Talkie d1ss45t6zb3sdy.cloudfront.net #Talkie glowapp.vip #Talkie sensorsdata.glowapp.vip #Talkie talkie-ai.com #Talkie # Domains Used On/By Infected Machines (Potentially) #===================================================================================================== # # Money Transfer = Websites used to send money to someone else # Webhook = Inspect page requests (Can be used to receive data from an infected system) # Webscript = Run scripts online # #===================================================================================================== download.c3pool.com #Bitcoin Miner (Legit) - Used by compromized machines cardlesspaytech.com #Money Transfer (Seen used in Tech Support Scam) remitly.com #Money Transfer (Seen used in Tech Support Scam) remitly.io #Money Transfer (Seen used in Tech Support Scam) xe.com #Money Transfer (Seen used in Tech Support Scam) abcex.io #Bitcoin to cash conversions bitmoneyekb.com #Bitcoin to cash conversions paxful.com #Bitcoin to cash conversions beeceptor.com #Webhook hookdeck.com #Webhook httpreq.com #Webhook ironikus.com #Webhook requestbin.com #Webhook requestinspector.com #Webhook requestwatch.com #Webhook webhook.site #Webhook pythonanywhere.com #Webscript webscript.io #Webscript