Permalink
Fetching contributors…
Cannot retrieve contributors at this time
229 lines (223 sloc) 22.1 KB

Below is the confirmed infrastructure used by attackers in case of MMD-0062-2017. Each IP has a logged record of the hostile activity targeted specific service(s), that is why we put in this RED network classification. These are abused infrastructure either by renting, hack, etc.

/* I am not updating this list anymore since Feb 18, 2017 & focus on the attacker's used Red Hot Chili Network (server side) */

UPDATES:

1. We have received contacts from NCSC-NL (CERT NL) via CERT-BUND (CERT DE) to confirm that 
the hoster entity 3NT.COM's Abuse Team has terminated the related customer account(s) of 
Strudels attacker actor. We herewith report that http://3NT.COM  has been cleaned up, so 
you can remove the block for the 3NT.COM addresses. The list below is stayed as per it is 
for the RECORD purpose only, as evidence of cyber crime for the law enforcement who is 
now investigating the case.  - Thank you - 

2. The attacker from AS49981 | 194.88.104.0/22 | WORLDSTREAM | NLis still on going, they moved
to the new ISP and new network in AS49453 | 91.195.103.0/24 | GLOBALLAYER | NL

This list is maintaned and updated daily basis. Shared for the blocking purpose. MalwareMustDie!

104.155.205.70 | 70.205.155.104.bc.googleusercontent.com. |15169 | 104.154.0.0/15 | GOOGLE | US | google.com | Google Inc.
104.255.70.230 |  |46664 | 104.255.64.0/21 | VOLUMEDRIVE | US | volumedrive.com | VolumeDrive
104.255.70.231 |  |46664 | 104.255.64.0/21 | VOLUMEDRIVE | US | volumedrive.com | VolumeDrive
104.255.71.138 |  |46664 | 104.255.64.0/21 | VOLUMEDRIVE | US | volumedrive.com | VolumeDrive
107.178.111.104 | we.love.servers.at.ioflood.com. |53755 | 107.178.64.0/18 | IOFLOOD | US | lakesidewebhosting.com | Lakeside Web Hosting LLC
107.178.111.105 | we.love.servers.at.ioflood.com. |53755 | 107.178.64.0/18 | IOFLOOD | US | lakesidewebhosting.com | Lakeside Web Hosting LLC
107.178.111.166 | we.love.servers.at.ioflood.com. |53755 | 107.178.64.0/18 | IOFLOOD | US | ioflood.com | BudgetNode LLC
107.178.111.169 | we.love.servers.at.ioflood.com. |53755 | 107.178.64.0/18 | IOFLOOD | US | ioflood.com | BudgetNode LLC
107.189.171.198 | we.love.servers.at.ioflood.com. |53755 | 107.189.128.0/18 | IOFLOOD | US | klayer.com | KLAYER
109.190.229.147 | 147-229-190-109.dsl.ovh.fr. |35540 | 109.190.0.0/16 | OVH | FR | ovh.com | OVH SAS
109.201.154.187 | tsn109-201-154-187.dyn.nltelcom.net. |43350 | 109.201.128.0/19 | NFORCE | NL | nforce.com | NForce Entertainment B.V.
109.236.91.85 | customer.worldstream.nl. |49981 | 109.236.80.0/20 | WORLDSTREAM | NL | worldstream.nl | WorldStream
123.206.33.59 |  |45090 | 123.206.32.0/23 | CNNIC-TENCENT-NET |  | tencent.com | Tencent Cloud Computing (Beijing) Co. Ltd.
136.243.1.22 | static.22.1.243.136.clients.your-server.de. |24940 | 136.243.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
136.243.60.144 | static.144.60.243.136.clients.your-server.de. |24940 | 136.243.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
14.140.69.250 | 14.140.69.250.static-delhi.vsnl.net.in. |4755 | 14.140.64.0/21 | TATACOMM | IN | vsnl.net.in | Internet Service Provider
142.0.32.6 | The.Easiest.The.Best.VPSInfinity.com. |46664 | 142.0.32.0/24 | VOLUMEDRIVE | US | volumedrive.com | VolumeDrive
142.0.32.9 | The.Easiest.The.Best.VPSInfinity.com. |46664 | 142.0.32.0/24 | VOLUMEDRIVE | US | volumedrive.com | VolumeDrive
142.0.38.120 |  |46664 | 142.0.38.0/24 | VOLUMEDRIVE | US | volumedrive.com | VolumeDrive
142.0.38.121 |  |46664 | 142.0.38.0/24 | VOLUMEDRIVE | US | volumedrive.com | VolumeDrive
142.4.218.181 | ns505660.ip-142-4-218.net. |16276 | 142.4.192.0/19 | OVH | FR | ovh.com | OVH Hosting Inc.
144.76.35.115 | static.115.35.76.144.clients.your-server.de. |24940 | 144.76.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
144.76.37.11 | static.11.37.76.144.clients.your-server.de. |24940 | 144.76.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
149.56.243.4 | ns533925.ip-149-56-243.net. |16276 | 149.56.0.0/16 | OVH | FR | suitesoftware.com | Suite Software
158.69.127.127 | ns524586.ip-158-69-127.net. |16276 | 158.69.0.0/16 | OVH | FR | parsons.com | Parsons Corporation
163.172.124.113 | 163-172-124-113.rev.poneytelecom.eu. |12876 | 163.172.0.0/16 | AS12876 | FR | hmrc.gov.uk | HM Customs and Excise HQ Network
163.172.200.221 | 163-172-200-221.rev.poneytelecom.eu. |12876 | 163.172.0.0/16 | AS12876 | FR | hmrc.gov.uk | HM Customs and Excise HQ Network
163.172.226.184 | 163-172-226-184.rev.poneytelecom.eu. |12876 | 163.172.0.0/16 | AS12876 | FR | hmrc.gov.uk | HM Customs and Excise HQ Network
167.114.118.29 | ns511894.ip-167-114-118.net. |16276 | 167.114.0.0/16 | OVH | FR | ovh.com | OVH Hosting Inc.
167.114.210.108 | ns516312.ip-167-114-210.net. |16276 | 167.114.0.0/16 | OVH | FR | ovh.com | OVH Hosting Inc.
173.208.141.170 | 01f190-refoils.geekspicy.com. |32097 | 173.208.128.0/17 | WII-KC | US | wholesaleinternet.com | Wholesale Internet Inc.
173.208.251.50 |  |32097 | 173.208.128.0/17 | WII-KC | US | datashack.net | DataShack LC
173.81.108.81 | 173-81-108-81.chstcmtk01.res.dyn.suddenlink.net. |19108 | 173.81.0.0/17 | SUDDENLINK-COMMUNICA | US | suddenlink.com | Suddenlink Communications
176.31.244.32 | ns386546.ip-176-31-244.eu. |16276 | 176.31.0.0/16 | OVH | FR | ovh.com | OVH SAS
176.9.37.73 | static.73.37.9.176.clients.your-server.de. |24940 | 176.9.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
176.9.39.107 | static.107.39.9.176.clients.your-server.de. |24940 | 176.9.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
176.9.45.18 | static.18.45.9.176.clients.your-server.de. |24940 | 176.9.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
176.9.45.67 | static.67.45.9.176.clients.your-server.de. |24940 | 176.9.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
176.9.5.204 | static.204.5.9.176.clients.your-server.de. |24940 | 176.9.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
178.20.154.228 | c814874.freehost.com.ua. |42331 | 178.20.154.0/23 | FREEHOST | UA | freehost.com.ua | PE Freehost
179.107.96.142 | 142-96-107-179.telbrax.net.br. |28250 | 179.107.96.0/20 | Telbrax | BR | telbrax.com.br | Telbrax Ltda
179.43.134.98 |  |51852 | 179.43.128.0/18 | PLI | CH | bollettafree.it | Private Layer Switzerland
185.110.132.202 |  |40965 | 185.110.132.0/24 | INFIUM-CUSTOMER | UA | - | -
185.159.37.21 | 185-159-37-21.controlyourself.online. |202619 | 185.159.37.0/24 | FENIKS | RU | - | -
185.169.229.19 |  |206975 | 185.169.229.0/24 | TOLDERGIB | GI | - | -
185.82.97.50 |  |42183 | 185.82.97.0/24 | NET360 | LB | net360.email | Net 360 S.A.R.L
192.162.101.217 | vps2411.inrr.ru. |50113 | 192.162.101.0/24 | SUPERSERVERSDATACENT | RU | ntx.ru | MediaServicePlus Ltd.
192.99.38.228 | ns502309.ip-192-99-38.net. |16276 | 192.99.0.0/16 | OVH | FR | ovh.com | OVH Hosting Inc.
193.95.75.16 |  |2609 | 193.95.0.0/17 | TN-BB | TN | 3s.tn | 3S GlobalNet
194.63.141.141 |  |50113 | 194.63.141.0/24 | SUPERSERVERSDATACENT | RU | ntx.ru | MediaServicePlus Ltd.
194.75.41.250 |  |2856 | 194.72.0.0/14 | BT-UK | GB | bt.com | BT Infrastructure Layer
194.88.107.21 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.107.9 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.107.253 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.106.188 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.107.11  |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.106.176 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.107.19  |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.106.179 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.107.13  |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.107.254 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.106.192 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.106.175 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.107.23  |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.107.7   |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.107.6   |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.106.181 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.106.186 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.107.18  |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.106.190 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.106.210 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.107.27  |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.107.15  |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.106.248 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.106.172 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.106.209 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.106.247 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.107.12 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.107.16 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.107.24 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.106.206 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.106.207 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.107.26 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.107.10 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.106.178 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.106.171 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.106.174 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.106.177 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.106.187 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.106.191 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.106.193 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.106.211 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.107.14 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.107.8 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.107.22 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.107.45 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.107.44 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.106.189 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.107.47 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.106.173 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.106.180 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.106.183 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.106.184 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.106.185 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.107.20 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.107.25 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.107.28 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.107.46 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
195.154.43.41 | 195-154-43-41.rev.poneytelecom.eu. |12876 | 195.154.0.0/16 | AS12876 | FR | online.net | Online S.A.S.
195.154.55.32 | 195-154-55-32.rev.poneytelecom.eu. |12876 | 195.154.0.0/16 | AS12876 | FR | online.net | Online S.A.S.
195.154.59.205 | 195-154-59-205.rev.poneytelecom.eu. |12876 | 195.154.0.0/16 | AS12876 | FR | online.net | Online S.A.S.
195.97.83.26 |  |3329 | 195.97.0.0/17 | HOL | GR | hol.gr | Hellas on Line S.A.
198.204.237.26 | fo8c.com. |33387 | 198.204.224.0/19 | DATASHACK | US | datashack.net | DataShack LC
198.204.255.194 |  |33387 | 198.204.224.0/19 | DATASHACK | US | alexanderneves.com.br | Zhou Pizhong
199.115.230.194 |  |46664 | 199.115.230.0/24 | VOLUMEDRIVE | US | volumedrive.com | VolumeDrive
199.115.230.198 |  |46664 | 199.115.230.0/24 | VOLUMEDRIVE | US | volumedrive.com | VolumeDrive
199.115.230.200 |  |46664 | 199.115.230.0/24 | VOLUMEDRIVE | US | volumedrive.com | VolumeDrive
199.168.138.229 |  |46664 | 199.168.138.0/24 | VOLUMEDRIVE | US | volumedrive.com | VolumeDrive
199.168.139.156 |  |46664 | 199.168.139.0/24 | VOLUMEDRIVE | US | volumedrive.com | VolumeDrive
212.129.27.25 | 212-129-27-25.rev.poneytelecom.eu. |12876 | 212.129.0.0/18 | AS12876 | FR | online.net | Online S.A.S.
212.83.142.65 | 212-83-142-65.rev.poneytelecom.eu. |12876 | 212.83.128.0/19 | AS12876 | FR | online.net | Online S.A.S.
213.239.202.114 | 213-239-202-114.clients.your-server.de. |24940 | 213.239.192.0/18 | HETZNER | DE | hetzner.de | Hetzner Online AG
213.239.205.116 | static.213-239-205-116.clients.your-server.de. |24940 | 213.239.192.0/18 | HETZNER | DE | hetzner.de | Hetzner Online AG
216.250.125.113 | u19883663.onlinehome-server.com. |8560 | 216.250.112.0/20 | ONEANDONE | DE | oneandone.net | 1&1 Internet Inc.
217.23.8.17 | customer.worldstream.nl. |49981 | 217.23.0.0/20 | WORLDSTREAM | NL | worldstream.nl | WorldStream
35.167.162.218 | ec2-35-167-162-218.us-west-2.compute.amazonaws.com. |16509 | 35.160.0.0/13 | AMAZON-02 | US | merit.edu | Merit Network Inc.
37.187.187.138 | ip138.ip-37-187-187.eu. |16276 | 37.187.0.0/16 | OVH | FR | ovh.com | OVH SAS
37.49.224.110 |  |133229 | 37.49.224.0/24 | HOSTPALACE | IN | estroweb.in | Estro Web Services Private Limited
38.84.132.236 | tomenta.com. |174 | 38.0.0.0/8 | COGENT-174 | US | yourbestnetwork.net | Hostzealot
45.32.113.192 | 45.32.113.192.vultr.com. |20473 | 45.32.96.0/19  | AS-CHOOPA | US | choopa.com | Choopa LLC
45.76.156.126 | 45.76.156.126.vultr.com. |20473 | 45.76.152.0/21 | AS-CHOOPA | US | choopa.com | Choopa LLC
46.4.57.23  | static.23.57.4.46.clients.your-server.de.  |24940 | 46.4.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
46.4.59.91  | static.91.59.4.46.clients.your-server.de.  |24940 | 46.4.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
46.4.60.138 | static.46-4-60-138.clients.your-server.de. |24940 | 46.4.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
46.4.69.181 | static.46-4-69-181.clients.your-server.de. |24940 | 46.4.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
46.4.84.66  | static.46-4-84-66.clients.your-server.de.  |24940 | 46.4.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
46.4.98.163 | static.46-4-98-163.clients.your-server.de. |24940 | 46.4.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
5.196.76.41 | ns335510.ip-5-196-76.eu. |16276 | 5.196.0.0/16 | OVH | FR | ovh.com | OVH SAS
5.45.64.11  |  |50673 | 5.45.64.0/21 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.68.142 |  |50673 | 5.45.64.0/21 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.72.234 |  |50673 | 5.45.72.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.72.51  |  |50673 | 5.45.72.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.73.208 |  |50673 | 5.45.72.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.73.253 |  |50673 | 5.45.72.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.74.251 |  |50673 | 5.45.72.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.75.230 |  |50673 | 5.45.72.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.76.23  |  |50673 | 5.45.76.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.77.161 |  |50673 | 5.45.76.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.78.229 |  |50673 | 5.45.76.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.84.153 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.84.154 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.84.155 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.84.176 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.84.177 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.84.178 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.84.192 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.84.193 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.84.195 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.85.135 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.85.136 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.85.137 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.85.146 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.85.147 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.85.149 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.85.159 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.85.160 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.85.161 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.86.144 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.86.145 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.86.166 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.86.167 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.86.168 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.86.65  |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.86.66  |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.86.67  |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.86.75  |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.87.178 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.87.179 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.87.183 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.87.184 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.87.185 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.9.118.106 | static.106.118.9.5.clients.your-server.de. |24940 | 5.9.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
5.9.150.10  | static.10.150.9.5.clients.your-server.de. |24940 | 5.9.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
5.9.153.69  | static.69.153.9.5.clients.your-server.de. |24940 | 5.9.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
5.9.19.80   | static.80.19.9.5.clients.your-server.de. |24940 | 5.9.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
5.9.50.173  | static.173.50.9.5.clients.your-server.de. |24940 | 5.9.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
5.9.59.85   | static.85.59.9.5.clients.your-server.de. |24940 | 5.9.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
5.9.71.103  | static.103.71.9.5.clients.your-server.de. |24940 | 5.9.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
5.9.74.105  | static.105.74.9.5.clients.your-server.de. |24940 | 5.9.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
50.21.183.44 | u19282468.onlinehome-server.com. |8560 | 50.21.176.0/20 | ONEANDONE | DE | oneandone.net | 1&1 Internet Inc.
62.210.220.115 | 62-210-220-115.rev.poneytelecom.eu. |12876 | 62.210.0.0/16 | AS12876 | FR | online.net | Online S.A.S.
78.46.78.150 | static.150.78.46.78.clients.your-server.de. |24940 | 78.46.0.0/15 | HETZNER | DE | hetzner.de | Hetzner Online AG
8.38.88.94 |  |13886 | 8.38.88.0/24 | CLOUD-SOUTH | US | level3.com | Level 3 Communications Inc.
80.47.120.159 | host-80-47-120-159.as13285.net. |9105 | 80.40.0.0/13 | TISCALI | GB | talktalk.co.uk | Pipex - Tiscali Migration Space
81.199.16.233 | 81.199.16.233.satcom-systems.net. |12491 | 81.199.16.0/22 | IPPLANET | IL | gilat.net | Gilat Satcom
85.229.201.206 | c-cec9e555.09-484-73746f39.cust.bredbandsbolaget.se. |2119 | 85.224.0.0/13 | TELENOR | NO | bredbandsbolaget.se | B2 customers in sto39.se
88.198.2.84 | static.88-198-2-84.clients.your-server.de. |24940 | 88.198.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
91.197.235.11||60144 | 91.197.234.0/23 | THREE-W-INFRA | NL | - | Planet Telecom Ltd.
93.190.143.155 | customer.worldstream.nl. |49981 | 93.190.140.0/22 | WORLDSTREAM | NL | worldstream.nl | WorldStream
91.195.103.178 |  |49453 | 91.195.103.0/24 | GLOBALLAYER | NL | - | CJSC Metrostandart
91.195.103.179 |  |49453 | 91.195.103.0/24 | GLOBALLAYER | NL | - | CJSC Metrostandart
91.195.103.189 |  |49453 | 91.195.103.0/24 | GLOBALLAYER | NL | - | CJSC Metrostandart
91.195.103.186 |  |49453 | 91.195.103.0/24 | GLOBALLAYER, | NL | - | CJSC Metrostandart
91.195.103.187 |  |49453 | 91.195.103.0/24 | GLOBALLAYER, | NL | - | CJSC Metrostandart
91.195.103.188||49453 | 91.195.103.0/24 | GLOBALLAYER, | NL | - | CJSC Metrostandart
91.195.103.189||49453 | 91.195.103.0/24 | GLOBALLAYER, | NL | - | CJSC Metrostandart

Anaysis by: unixfreaxjp - MalwareMustDie, NPO