Taking out ConnectWise sites

General Discussion
746

https://gircare.help/,
https://mgsupport.online/

1 Like
747

01/30/25 mrhelp.top 104.21.88.122 Cloudflare/Gname - 464546
01/30/25 engajroker.cyou 104.21.32.1 Cloudflare/Gname

This has been coming up for months. Looks like they moved the IP on the main page, and changed the backend.

11/25/24 mrhelp.top 172.67.178.182 Cloudflare/Gname.com
11/25/24 gajrokerring.icu 172.67.155.171 Cloudflare/Gname.com

1 Like
748

01/30/25 acxcare.help 104.21.70.103 Cloudflare/Namesilo - 40389

This one is same download

749

01/30/25 qthelp.top 172.67.156.100 Cloudflare/Gname
01/30/25 molatorila.cyou 104.21.64.1 Cloudflare/Gname

This download was last seen and associated with dnhelp.top

01/16/25 dnhelp.top 172.67.132.187 Cloudflare/Gname
01/16/25 molatorila.cyou 104.21.64.1 Cloudflare/Gname

750

https://m.mob411.top:8443/

751

jdycare.help

1 Like
752

01/30/25 lehelp.top 104.21.48.1 Cloudflare/Gname
01/30/25 promolatori.icu 104.21.72.74 Cloudflare/Gname

First reported last November. IP changed, hosts have not

11/27/25 lehelp.top 188.114.96.3 Cloudflare/Gname.com
11/27/25 promolatori.icu 172.67.176.99 Cloudflare/Gname.com

753

01/30/25 fixcare.help 104.21.96.1 Cloudflare/Namesilo

754

01/30/25 detcare.help 188.114.97.3 Cloudflare/Namesilo

Same URL download

755

01/30/25 juhelp.top 104.21.32.1 Cloudflare/Gname

Same URL download

756

https://tr.uchelp.top/,
https://kaptohelp.top/ (code 54957)

1 Like
757

01/31/25 ncvcare.help 172.67.163.146 Cloudflare/Namesilo - 53085

These guys used the last 5 of the phone number for the code, never seen that one before

Same URL download

758

That’s very common on ConnectWise sites, I saw again this morning…
https://dashcare.help/

1 Like
759
01/31/25 pps.help9.top 172.67.134.186 Cloudflare/Gname
01/31/25 molatoriist.cyou 172.67.135.27 Cloudflare/Gname
760

https://www.pklo.us/
https://www.yjhelp.top/ (code in use 39YG90U)

1 Like
761

01/31/25 ighelp.top 172.67.144.115 Cloudflare/Gname
01/31/25 samolatori.cyou 188.114.97.3 Cloudflare/Gname

This was originally reported in Dec. Still on same IP/Host

12/12/24 ighelp.top 172.67.144.115 Cloudflare/Gname
12/12/24 samolatori.cyou 188.114.97.3 Cloudflare/Gname

762

01/31/25 tchelp.top 172.67.164.196 Cloudflare/Gname

1 Like
763

https://www.verifyme.help/
https://oxbgt-4s.top/Guest32xw.aspx/?Session=519375a7-1738-4f3a-b27d-0673577a0601

https://dashcare.help/

https://dnet124.org/
https://ncvcare.help/
https://dserv.help/

2 Likes
764

https://ptbhelp.top/
https://jsrcare.help/
https://xacare.help/?__cf_chl_tk=n5kuDYRiEYfiXUFZfvEzkTGgmNc5P.DMeXQ71bVzhIs-1738423037-1.0.1.1-fWG6Ym9RVc1EeZYz6mO_O8lpbcp64pBxf7rD6YVjjCI
https://zdcare.help/

2 Likes
765

https://servyou.help/
https://supportaid.help/

3 Likes