Malware botnet controller @35.247.221.21

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller at 35.247.221.21 on port 443.
$ telnet 35.247.221.21 443
Trying 35.247.221.21…
Connected to 35.247.221.21.
Escape character is ‘^]’

$ dig +short -x 35.247.221.21
66.254.138.34.bc.googleusercontent.com.

Malicious domains observed at this IP address:
502-bad.net. 600 IN A 35.247.221.21
atom-softs.com. 600 IN A 35.247.221.21
atom-tw.com. 600 IN A 35.247.221.21
atom-tweak.net. 600 IN A 35.247.221.21
atomtweak.com. 600 IN A 35.247.221.21
beachbig.com. 600 IN A 35.247.221.21
best1488.com. 600 IN A 35.247.221.21
blackinstalls.com. 600 IN A 35.247.221.21
bthuu.com. 600 IN A 35.247.221.21
chinett.com. 600 IN A 35.247.221.21
cloudjah.com. 600 IN A 35.247.221.21
cranonline.com. 600 IN A 35.247.221.21
cranonline.com. 600 IN A 35.247.221.21
dailykan.com. 600 IN A 35.247.221.21
dailykan.com. 600 IN A 35.247.221.21
djher.com. 600 IN A 35.247.221.21
djher.com. 600 IN A 35.247.221.21
far-lbs.com. 600 IN A 35.247.221.21
freehar.com. 600 IN A 35.247.221.21
freehar.com. 600 IN A 35.247.221.21
g-farlab.com. 600 IN A 35.247.221.21
glclick.com. 600 IN A 35.247.221.21
glclick.com. 600 IN A 35.247.221.21
gokaef.com. 600 IN A 35.247.221.21
gripeee.com. 600 IN A 35.247.221.21
gvnoweb.com. 600 IN A 35.247.221.21
i-farlab.com. 600 IN A 35.247.221.21
i-farlabs.com. 600 IN A 35.247.221.21
i-labspro.com. 600 IN A 35.247.221.21
in-softs.com. 600 IN A 35.247.221.21
it-farlab.com. 600 IN A 35.247.221.21
johnsol.com. 600 IN A 35.247.221.21
kayattr.com. 600 IN A 35.247.221.21
labs-pr.com. 600 IN A 35.247.221.21
liveme202.com. 600 IN A 35.247.221.21
mindurl.com. 600 IN A 35.247.221.21
mindurl.com. 600 IN A 35.247.221.21
nanbier.com. 600 IN A 35.247.221.21
netgul.com. 600 IN A 35.247.221.21
nextinstall.info. 600 IN A 35.247.221.21
noplayboy.com. 600 IN A 35.247.221.21
noplayboy.com. 600 IN A 35.247.221.21
offtechnology.com. 600 IN A 35.247.221.21
ouclick.com. 600 IN A 35.247.221.21
ouclick.com. 600 IN A 35.247.221.21
payfilms.com. 600 IN A 35.247.221.21
search1search.com. 600 IN A 35.247.221.21
sharemem.com. 600 IN A 35.247.221.21
soft-me.com. 600 IN A 35.247.221.21
softsme.com. 600 IN A 35.247.221.21
spiritualpay.top. 600 IN A 35.247.221.21
thepe.net. 600 IN A 35.247.221.21
thispacific-pact.top. 600 IN A 35.247.221.21
zodomain.com. 600 IN A 35.247.221.21

Опубликовано
В рубрике google.com

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *