The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.
RaccoonStealer botnet controller located at 104.21.79.96 on port 80 (using HTTP GET):
hXXp://telegka.top/sa115bayon
$ dig +short telegka.top
104.21.79.96
Referencing malware binaries (MD5 hash):
Other malicious domain names hosted on this IP address:
evanmichaels.net 104.21.79.96
telegka.top 104.21.79.96