ArkeiStealer botnet controller @45.11.26.87

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

ArkeiStealer botnet controller located at 45.11.26.87 on port 80 (using HTTP POST):
hXXp://googa.link/gate1.php

$ dig +short googa.link
45.11.26.87

Referencing malware binaries (MD5 hash):

Other malicious domain names hosted on this IP address:
stata2021.best 45.11.26.87
googs.link 45.11.26.87
googa.link 45.11.26.87

Filed under: ruvds.com
