Taking out ConnectWise sites

https://dnhelp.top/

https://dscare.live/,
redirects to,
ConnectWise ScreenConnect Remote Support Software

https://gbcare.help/?__cf_chl_rt_tk=S_qZp6PRyIQf.44rJ6uvB8CKrcSM43s7RBtyGUFYXyI-1734036779-1.0.1.1-Y8x3K2yNuAblOWOHmgmni0e3xlHkM7fOFrme0SYBEOg

12/12/24 mgbhelp.top 79.110.49.101 Virtuo/Namesilo

12/12/24 trhelp.top 188.114.97.3 Cloudflare/Gname

Download IP changed slightly
10/25/24 trhelp.top 188.114.97.9 Cloudflare/Gname.com Pte. Ltd.
10/25/24 molatoriist.icu 91.208.184.187 Alexhost/Gname.com Pte. Ltd.

12/13/24 nsrcare.help 104.21.94.75 Cloudflare/Namesilo - 04705

Same site download

https://nsrcare.help/
The site is still up and running, please make sure before posting…

PayPal Scammers ConnectWise

oihelp.top

https://ppl247.top/,
and,
https://sgcare.help/

https://accinfo.live/,
redirects to,
ConnectWise ScreenConnect Remote Support Software

https://zswcare.help/

12/17/24 bcxcare.help 188.114.96.3 Cloudflare/Namesilo - 29853

Was first reported

11/19/24 bcxcare.help 188.114.97.3 Cloudflare/Namesilo

Same URL download.

12/17/24 nmhelp.top 172.67.220.70 Cloudflare/Gname - 55vh22j
12/17/24 onmolatori.icu 172.67.138.230 Cloudflare/Gname

This download was last seen and reported on 11/13 connected to ojhelp.top, the download hasn’t moved.
11/13/24 ojhelp.top 172.67.141.53 Cloudflare/Gname.com
11/13/24 onmolatori.icu 172.67.138.230 Cloudflare/Gname.com

https://eopcare.help/,
and,
https://hrhcare.live/,
and,
https://xlhelp.top/?__cf_chl_rt_tk=kK5LMlxcdlSIxxCBFsQYEnSXlVSokYXBfPoxJ2XMeGs-1734475182-1.0.1.1-k6NPPKbvCqR85Jl6c_8ynb.2h3BKvF_EkAR9nWw3zoU

came across today… hope you can take this out too:

eopcare.help 23627 or 07469
rhhelp.top 285598