According to our telemetry and our own intelligence, the host at this IP address has been setup by cyber criminals for the exclusive purpose of hosting phishing sites, malware distribution sites and/or botnet controllers. We therefore advise our users to block any traffic from/to this IP address.
Malware botnet controller located at 95.213.216.157 443 TCP:
$ telnet 95.213.216.157 443
Trying 95.213.216.157…
Connected to 95.213.216.157.
Escape character is ‘^]’.
Malicious domains hosted observed on this IP address:
accesspayee.com. 600 IN A 95.213.216.157
activate-mywallet.com. 600 IN A 95.213.216.157
anz-contact.com. 600 IN A 95.213.216.157
anz-secure.online. 600 IN A 95.213.216.157
ausp-login2d.com. 600 IN A 95.213.216.157
closecontact-health-check.com. 600 IN A 95.213.216.157
easysecurebanking.com. 600 IN A 95.213.216.157
hmrcrefund-apply-form.com. 600 IN A 95.213.216.157
info-nhs.com. 600 IN A 95.213.216.157
mbank-kontakt.com. 600 IN A 95.213.216.157
mydeliver-postoffice.com. 600 IN A 95.213.216.157
mymobileapp-santander.com. 600 IN A 95.213.216.157
mypostoffice-delivery.com. 600 IN A 95.213.216.157
mywallet-reactivation.com. 600 IN A 95.213.216.157
nhs-covid-applypass.com. 600 IN A 95.213.216.157
nhsapply-covid-pass.com. 600 IN A 95.213.216.157
nhsapply-covid-pass.info. 600 IN A 95.213.216.157
onlinebanking-365logins.net. 600 IN A 95.213.216.157
order-test-052.com. 600 IN A 95.213.216.157
pack-postpone.com. 600 IN A 95.213.216.157
parcelconfirmation-gb4732.com. 600 IN A 95.213.216.157
po-apply-form.com. 600 IN A 95.213.216.157
po-branch-redelivery.com. 600 IN A 95.213.216.157
po-local-service.com. 600 IN A 95.213.216.157
po-local-services.com. 600 IN A 95.213.216.157
po-mailredelivery.com. 600 IN A 95.213.216.157
po-my-redelivery.com. 600 IN A 95.213.216.157
po-reschedule-fee.com. 600 IN A 95.213.216.157
poassist-redirect.com. 600 IN A 95.213.216.157
poredeliver-package.com. 600 IN A 95.213.216.157
postclaim-redirect.com. 600 IN A 95.213.216.157
posting-relocation.com. 600 IN A 95.213.216.157
postofficeuk-shipment-status.com. 600 IN A 95.213.216.157
potransit.com. 600 IN A 95.213.216.157
redeem-myaccount.info. 600 IN A 95.213.216.157
relocation-post.com. 600 IN A 95.213.216.157
reregister-mydevice.com. 600 IN A 95.213.216.157
reschedulelsl.me. 600 IN A 95.213.216.157
reschedulepsl.co.uk. 600 IN A 95.213.216.157
symptoms-health-check.com. 600 IN A 95.213.216.157
ukdigitalpass.co.uk. 600 IN A 95.213.216.157
ukpostaloffice-track-system.uk. 600 IN A 95.213.216.157