Malware / Botnet / Phishing hosting server @45.140.167.52

According to our telemetry and our own intelligence, the host at this IP address has been setup by cyber criminals for the exclusive purpose of hosting phishing sites, malware distribution sites and/or botnet controllers. We therefore advise our users to block any traffic from/to this IP address.

Malware botnet controller located at 45.140.167.52 port 443 TCP:
$ telnet 185.105.116.232 443
Trying 185.105.116.232…
Connected to 185.105.116.232.
Escape character is ‘^]’

Malicious domains hosted observed on this IP address:
airleft.link. 600 IN A 185.105.116.232
bigbrisk.link. 600 IN A 185.105.116.232
bornwrong.link. 600 IN A 185.105.116.232
brightfair.link. 600 IN A 185.105.116.232
broadmodel.link. 600 IN A 185.105.116.232
closeresult.link. 600 IN A 185.105.116.232
coststand.link. 600 IN A 185.105.116.232
deepteacher.link. 600 IN A 185.105.116.232
dofancy.link. 600 IN A 185.105.116.232
dropmind.link. 600 IN A 185.105.116.232
enablehope.link. 600 IN A 185.105.116.232
ideasix.link. 600 IN A 185.105.116.232
illimagine.link. 600 IN A 185.105.116.232
letzte-chance.link. 600 IN A 185.105.116.232
letzte-moglichkeit.link. 600 IN A 185.105.116.232
modestdisease.link. 600 IN A 185.105.116.232
movewait.link. 600 IN A 185.105.116.232
nastydate.work. 600 IN A 185.105.116.232
nur-fur-sie.link. 600 IN A 185.105.116.232
pencilleg.link. 600 IN A 185.105.116.232
planorder.link. 600 IN A 185.105.116.232
playertight.link. 600 IN A 185.105.116.232
producecontain.link. 600 IN A 185.105.116.232
profitseason.link. 600 IN A 185.105.116.232
puretight.link. 600 IN A 185.105.116.232
quieteconomy.link. 600 IN A 185.105.116.232
relatefive.link. 600 IN A 185.105.116.232
roofsky.link. 600 IN A 185.105.116.232
thirteenintroduce.link. 600 IN A 185.105.116.232
tradeshare.link. 600 IN A 185.105.116.232
trickylove.link. 600 IN A 185.105.116.232
universitypoint.link. 600 IN A 185.105.116.232
wordmerry.link. 600 IN A 185.105.116.232

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *