According to our telemetry and our own intelligence, the host at this IP address has been setup by cyber criminals for the exclusive purpose of hosting phishing sites, malware distribution sites and/or botnet controllers. We therefore advise our users to block any traffic from/to this IP address.
Malware botnet controller located at 185.185.70.179 port 443 TCP:
$ telnet 185.185.70.179 443
Trying 185.185.70.179…
Connected to 185.185.70.179.
Escape character is ‘^]’
Malicious domains hosted observed on this IP address:
bt-bonus.online. 600 IN A 185.185.70.179
cartesi-bonus.online. 600 IN A 185.185.70.179
catcoin-bonus.online. 600 IN A 185.185.70.179
ceekvr-bonus.online. 600 IN A 185.185.70.179
celer-bonus.online. 600 IN A 185.185.70.179
chromia-bonus.online. 600 IN A 185.185.70.179
coin-98-bonus.online. 600 IN A 185.185.70.179
flamemetaverse-bonus.online. 600 IN A 185.185.70.179
gadgetwar-bonus.online. 600 IN A 185.185.70.179
icoin-bonus.online. 600 IN A 185.185.70.179
idlecyber-bonus.online. 600 IN A 185.185.70.179
jigen-bonus.online. 600 IN A 185.185.70.179
maker-bonus.online. 600 IN A 185.185.70.179
safepal-bonus.online. 600 IN A 185.185.70.179
superfarm-bonus.online. 600 IN A 185.185.70.179
swipe-bonus.online. 600 IN A 185.185.70.179
triplereward.online. 600 IN A 185.185.70.179
yooshi-bonus.online. 600 IN A 185.185.70.179
zilliqa-bonus.online. 600 IN A 185.185.70.179