===== Updated 2020-02-08 to include SBL477579. =====
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.
Loki botnet controller located at 89.208.196.209 on port 80 (using HTTP POST):
hXXp://expertisem.net/agutaz/direct/pushin/fre.php
$ dig +short expertisem.net
89.208.196.209
$ nslookup 89.208.196.209
209.mcs.mail.ru
====================================================
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.
AgentTesla botnet controller located at 89.208.196.209 on port 80 (using HTTP POST):
hXXp://ipblasta.com/kmaker/inc/860cce76152de2.php
$ dig +short ipblasta.com
89.208.196.209
$ nslookup 89.208.196.209
209.mcs.mail.ru
Other malicious domain names hosted on this IP address:
ipblasta.com 89.208.196.209
binta.xyz 89.208.196.209
expertisem.net 89.208.196.209