
@ANeilan
Last active February 26, 2025 11:27
Phishing sites I found from certificate data for sites that resolve to 178.159.36.41

IP: 178.159.36.41
Netblock (using Whois info): 178.159.36.0-178.159.36.255
ASN: 35196 IHOR-AS, RU
Whois Email for IP: [email protected]
Whois Email / SOA for domains: [email protected]

@Shaquu

Shaquu commented Nov 29, 2020

Hi, I might add some more just to let Google index it and protect some folks.

Fraudulent website. Displays fake Facebook form on mobile devices.
konfiguracja-wejdz.eu

IP: 91.234.99.145


Geolocation: NL (Netherlands)


@ReadyForBen

Welp, 5 years later and they are STILL hosting stuff like this and the abuse contact does not reply.
