Skip to content

Latest commit

 

History

History
183 lines (181 loc) · 18.4 KB

Attacker_Red_Network.md

File metadata and controls

183 lines (181 loc) · 18.4 KB
Raw

Below is the confirmed infrastructure used by attackers in case of MMD-0062-2017. Each IP has a logged record of the hostile activity targeted specific service(s), that is why we put in this RED network classification. These are abused infrastructure either by renting, hack, etc.

This list is maintaned and updated daily basis. Shared for the blocking purpose. MalwareMustDie!

104.155.205.70 | 70.205.155.104.bc.googleusercontent.com. |15169 | 104.154.0.0/15 | GOOGLE | US | google.com | Google Inc.
104.255.70.230 |  |46664 | 104.255.64.0/21 | VOLUMEDRIVE | US | volumedrive.com | VolumeDrive
104.255.70.231 |  |46664 | 104.255.64.0/21 | VOLUMEDRIVE | US | volumedrive.com | VolumeDrive
104.255.71.138 |  |46664 | 104.255.64.0/21 | VOLUMEDRIVE | US | volumedrive.com | VolumeDrive
107.178.111.104 | we.love.servers.at.ioflood.com. |53755 | 107.178.64.0/18 | IOFLOOD | US | lakesidewebhosting.com | Lakeside Web Hosting LLC
107.178.111.105 | we.love.servers.at.ioflood.com. |53755 | 107.178.64.0/18 | IOFLOOD | US | lakesidewebhosting.com | Lakeside Web Hosting LLC
107.178.111.166 | we.love.servers.at.ioflood.com. |53755 | 107.178.64.0/18 | IOFLOOD | US | ioflood.com | BudgetNode LLC
107.178.111.169 | we.love.servers.at.ioflood.com. |53755 | 107.178.64.0/18 | IOFLOOD | US | ioflood.com | BudgetNode LLC
107.189.171.198 | we.love.servers.at.ioflood.com. |53755 | 107.189.128.0/18 | IOFLOOD | US | klayer.com | KLAYER
109.190.229.147 | 147-229-190-109.dsl.ovh.fr. |35540 | 109.190.0.0/16 | OVH | FR | ovh.com | OVH SAS
109.201.154.187 | tsn109-201-154-187.dyn.nltelcom.net. |43350 | 109.201.128.0/19 | NFORCE | NL | nforce.com | NForce Entertainment B.V.
109.236.91.85 | customer.worldstream.nl. |49981 | 109.236.80.0/20 | WORLDSTREAM | NL | worldstream.nl | WorldStream
123.206.33.59 |  |45090 | 123.206.32.0/23 | CNNIC-TENCENT-NET |  | tencent.com | Tencent Cloud Computing (Beijing) Co. Ltd.
136.243.1.22 | static.22.1.243.136.clients.your-server.de. |24940 | 136.243.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
136.243.60.144 | static.144.60.243.136.clients.your-server.de. |24940 | 136.243.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
14.140.69.250 | 14.140.69.250.static-delhi.vsnl.net.in. |4755 | 14.140.64.0/21 | TATACOMM | IN | vsnl.net.in | Internet Service Provider
142.0.32.6 | The.Easiest.The.Best.VPSInfinity.com. |46664 | 142.0.32.0/24 | VOLUMEDRIVE | US | volumedrive.com | VolumeDrive
142.0.32.9 | The.Easiest.The.Best.VPSInfinity.com. |46664 | 142.0.32.0/24 | VOLUMEDRIVE | US | volumedrive.com | VolumeDrive
142.0.38.120 |  |46664 | 142.0.38.0/24 | VOLUMEDRIVE | US | volumedrive.com | VolumeDrive
142.0.38.121 |  |46664 | 142.0.38.0/24 | VOLUMEDRIVE | US | volumedrive.com | VolumeDrive
142.4.218.181 | ns505660.ip-142-4-218.net. |16276 | 142.4.192.0/19 | OVH | FR | ovh.com | OVH Hosting Inc.
144.76.35.115 | static.115.35.76.144.clients.your-server.de. |24940 | 144.76.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
144.76.37.11 | static.11.37.76.144.clients.your-server.de. |24940 | 144.76.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
149.56.243.4 | ns533925.ip-149-56-243.net. |16276 | 149.56.0.0/16 | OVH | FR | suitesoftware.com | Suite Software
158.69.127.127 | ns524586.ip-158-69-127.net. |16276 | 158.69.0.0/16 | OVH | FR | parsons.com | Parsons Corporation
163.172.124.113 | 163-172-124-113.rev.poneytelecom.eu. |12876 | 163.172.0.0/16 | AS12876 | FR | hmrc.gov.uk | HM Customs and Excise HQ Network
163.172.200.221 | 163-172-200-221.rev.poneytelecom.eu. |12876 | 163.172.0.0/16 | AS12876 | FR | hmrc.gov.uk | HM Customs and Excise HQ Network
163.172.226.184 | 163-172-226-184.rev.poneytelecom.eu. |12876 | 163.172.0.0/16 | AS12876 | FR | hmrc.gov.uk | HM Customs and Excise HQ Network
167.114.118.29 | ns511894.ip-167-114-118.net. |16276 | 167.114.0.0/16 | OVH | FR | ovh.com | OVH Hosting Inc.
167.114.210.108 | ns516312.ip-167-114-210.net. |16276 | 167.114.0.0/16 | OVH | FR | ovh.com | OVH Hosting Inc.
173.208.141.170 | 01f190-refoils.geekspicy.com. |32097 | 173.208.128.0/17 | WII-KC | US | wholesaleinternet.com | Wholesale Internet Inc.
173.208.251.50 |  |32097 | 173.208.128.0/17 | WII-KC | US | datashack.net | DataShack LC
173.81.108.81 | 173-81-108-81.chstcmtk01.res.dyn.suddenlink.net. |19108 | 173.81.0.0/17 | SUDDENLINK-COMMUNICA | US | suddenlink.com | Suddenlink Communications
176.31.244.32 | ns386546.ip-176-31-244.eu. |16276 | 176.31.0.0/16 | OVH | FR | ovh.com | OVH SAS
176.9.37.73 | static.73.37.9.176.clients.your-server.de. |24940 | 176.9.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
176.9.39.107 | static.107.39.9.176.clients.your-server.de. |24940 | 176.9.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
176.9.45.18 | static.18.45.9.176.clients.your-server.de. |24940 | 176.9.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
176.9.45.67 | static.67.45.9.176.clients.your-server.de. |24940 | 176.9.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
176.9.5.204 | static.204.5.9.176.clients.your-server.de. |24940 | 176.9.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
178.20.154.228 | c814874.freehost.com.ua. |42331 | 178.20.154.0/23 | FREEHOST | UA | freehost.com.ua | PE Freehost
179.107.96.142 | 142-96-107-179.telbrax.net.br. |28250 | 179.107.96.0/20 | Telbrax | BR | telbrax.com.br | Telbrax Ltda
179.43.134.98 |  |51852 | 179.43.128.0/18 | PLI | CH | bollettafree.it | Private Layer Switzerland
185.110.132.202 |  |40965 | 185.110.132.0/24 | INFIUM-CUSTOMER | UA | - | -
185.159.37.21 | 185-159-37-21.controlyourself.online. |202619 | 185.159.37.0/24 | FENIKS | RU | - | -
185.169.229.19 |  |206975 | 185.169.229.0/24 | TOLDERGIB | GI | - | -
185.82.97.50 |  |42183 | 185.82.97.0/24 | NET360 | LB | net360.email | Net 360 S.A.R.L
192.162.101.217 | vps2411.inrr.ru. |50113 | 192.162.101.0/24 | SUPERSERVERSDATACENT | RU | ntx.ru | MediaServicePlus Ltd.
192.99.38.228 | ns502309.ip-192-99-38.net. |16276 | 192.99.0.0/16 | OVH | FR | ovh.com | OVH Hosting Inc.
193.95.75.16 |  |2609 | 193.95.0.0/17 | TN-BB | TN | 3s.tn | 3S GlobalNet
194.63.141.141 |  |50113 | 194.63.141.0/24 | SUPERSERVERSDATACENT | RU | ntx.ru | MediaServicePlus Ltd.
194.75.41.250 |  |2856 | 194.72.0.0/14 | BT-UK | GB | bt.com | BT Infrastructure Layer
194.88.107.21 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.107.9 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.107.253 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.106.188 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.107.11  |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.106.176 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.107.19  |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.106.179 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.107.13  |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.107.254 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.106.192 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.106.175 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.107.23  |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.107.7   |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.107.6   |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.106.181 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.106.186 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.107.18  |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.106.190 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.106.210 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.107.27  |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.107.15  |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.106.248 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.106.172 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.106.209 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.106.247 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.107.12 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.107.16 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.107.24 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.106.206 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.106.207 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.107.26 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.107.10 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
194.88.106.178 |  |49981 | 194.88.104.0/22 | WORLDSTREAM | NL | online.be | Online Internet nv/sa
195.154.43.41 | 195-154-43-41.rev.poneytelecom.eu. |12876 | 195.154.0.0/16 | AS12876 | FR | online.net | Online S.A.S.
195.154.55.32 | 195-154-55-32.rev.poneytelecom.eu. |12876 | 195.154.0.0/16 | AS12876 | FR | online.net | Online S.A.S.
195.154.59.205 | 195-154-59-205.rev.poneytelecom.eu. |12876 | 195.154.0.0/16 | AS12876 | FR | online.net | Online S.A.S.
195.97.83.26 |  |3329 | 195.97.0.0/17 | HOL | GR | hol.gr | Hellas on Line S.A.
198.204.237.26 | fo8c.com. |33387 | 198.204.224.0/19 | DATASHACK | US | datashack.net | DataShack LC
198.204.255.194 |  |33387 | 198.204.224.0/19 | DATASHACK | US | alexanderneves.com.br | Zhou Pizhong
199.115.230.194 |  |46664 | 199.115.230.0/24 | VOLUMEDRIVE | US | volumedrive.com | VolumeDrive
199.115.230.198 |  |46664 | 199.115.230.0/24 | VOLUMEDRIVE | US | volumedrive.com | VolumeDrive
199.115.230.200 |  |46664 | 199.115.230.0/24 | VOLUMEDRIVE | US | volumedrive.com | VolumeDrive
199.168.138.229 |  |46664 | 199.168.138.0/24 | VOLUMEDRIVE | US | volumedrive.com | VolumeDrive
199.168.139.156 |  |46664 | 199.168.139.0/24 | VOLUMEDRIVE | US | volumedrive.com | VolumeDrive
212.129.27.25 | 212-129-27-25.rev.poneytelecom.eu. |12876 | 212.129.0.0/18 | AS12876 | FR | online.net | Online S.A.S.
212.83.142.65 | 212-83-142-65.rev.poneytelecom.eu. |12876 | 212.83.128.0/19 | AS12876 | FR | online.net | Online S.A.S.
213.239.202.114 | 213-239-202-114.clients.your-server.de. |24940 | 213.239.192.0/18 | HETZNER | DE | hetzner.de | Hetzner Online AG
213.239.205.116 | static.213-239-205-116.clients.your-server.de. |24940 | 213.239.192.0/18 | HETZNER | DE | hetzner.de | Hetzner Online AG
216.250.125.113 | u19883663.onlinehome-server.com. |8560 | 216.250.112.0/20 | ONEANDONE | DE | oneandone.net | 1&1 Internet Inc.
217.23.8.17 | customer.worldstream.nl. |49981 | 217.23.0.0/20 | WORLDSTREAM | NL | worldstream.nl | WorldStream
35.167.162.218 | ec2-35-167-162-218.us-west-2.compute.amazonaws.com. |16509 | 35.160.0.0/13 | AMAZON-02 | US | merit.edu | Merit Network Inc.
37.187.187.138 | ip138.ip-37-187-187.eu. |16276 | 37.187.0.0/16 | OVH | FR | ovh.com | OVH SAS
37.49.224.110 |  |133229 | 37.49.224.0/24 | HOSTPALACE | IN | estroweb.in | Estro Web Services Private Limited
38.84.132.236 | tomenta.com. |174 | 38.0.0.0/8 | COGENT-174 | US | yourbestnetwork.net | Hostzealot
45.32.113.192 | 45.32.113.192.vultr.com. |20473 | 45.32.96.0/19  | AS-CHOOPA | US | choopa.com | Choopa LLC
45.76.156.126 | 45.76.156.126.vultr.com. |20473 | 45.76.152.0/21 | AS-CHOOPA | US | choopa.com | Choopa LLC
46.4.57.23  | static.23.57.4.46.clients.your-server.de.  |24940 | 46.4.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
46.4.59.91  | static.91.59.4.46.clients.your-server.de.  |24940 | 46.4.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
46.4.60.138 | static.46-4-60-138.clients.your-server.de. |24940 | 46.4.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
46.4.69.181 | static.46-4-69-181.clients.your-server.de. |24940 | 46.4.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
46.4.84.66  | static.46-4-84-66.clients.your-server.de.  |24940 | 46.4.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
46.4.98.163 | static.46-4-98-163.clients.your-server.de. |24940 | 46.4.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
5.196.76.41 | ns335510.ip-5-196-76.eu. |16276 | 5.196.0.0/16 | OVH | FR | ovh.com | OVH SAS
5.45.64.11  |  |50673 | 5.45.64.0/21 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.68.142 |  |50673 | 5.45.64.0/21 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.72.234 |  |50673 | 5.45.72.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.72.51  |  |50673 | 5.45.72.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.73.208 |  |50673 | 5.45.72.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.73.253 |  |50673 | 5.45.72.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.74.251 |  |50673 | 5.45.72.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.75.230 |  |50673 | 5.45.72.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.76.23  |  |50673 | 5.45.76.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.77.161 |  |50673 | 5.45.76.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.78.229 |  |50673 | 5.45.76.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.84.153 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.84.154 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.84.155 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.84.176 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.84.177 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.84.178 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.84.192 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.84.193 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.84.195 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.85.135 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.85.136 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.85.137 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.85.146 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.85.147 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.85.149 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.85.159 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.85.160 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.85.161 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.86.144 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.86.145 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.86.166 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.86.167 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.86.168 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.86.65  |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.86.66  |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.86.67  |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.86.75  |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.87.178 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.87.179 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.87.183 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.87.184 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.45.87.185 |  |50673 | 5.45.84.0/22 | SERVERIUS | NL | 3nt.com | 3nt solutions LLP
5.9.118.106 | static.106.118.9.5.clients.your-server.de. |24940 | 5.9.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
5.9.150.10  | static.10.150.9.5.clients.your-server.de. |24940 | 5.9.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
5.9.153.69  | static.69.153.9.5.clients.your-server.de. |24940 | 5.9.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
5.9.19.80   | static.80.19.9.5.clients.your-server.de. |24940 | 5.9.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
5.9.50.173  | static.173.50.9.5.clients.your-server.de. |24940 | 5.9.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
5.9.59.85   | static.85.59.9.5.clients.your-server.de. |24940 | 5.9.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
5.9.71.103  | static.103.71.9.5.clients.your-server.de. |24940 | 5.9.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
5.9.74.105  | static.105.74.9.5.clients.your-server.de. |24940 | 5.9.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
50.21.183.44 | u19282468.onlinehome-server.com. |8560 | 50.21.176.0/20 | ONEANDONE | DE | oneandone.net | 1&1 Internet Inc.
62.210.220.115 | 62-210-220-115.rev.poneytelecom.eu. |12876 | 62.210.0.0/16 | AS12876 | FR | online.net | Online S.A.S.
78.46.78.150 | static.150.78.46.78.clients.your-server.de. |24940 | 78.46.0.0/15 | HETZNER | DE | hetzner.de | Hetzner Online AG
8.38.88.94 |  |13886 | 8.38.88.0/24 | CLOUD-SOUTH | US | level3.com | Level 3 Communications Inc.
80.47.120.159 | host-80-47-120-159.as13285.net. |9105 | 80.40.0.0/13 | TISCALI | GB | talktalk.co.uk | Pipex - Tiscali Migration Space
81.199.16.233 | 81.199.16.233.satcom-systems.net. |12491 | 81.199.16.0/22 | IPPLANET | IL | gilat.net | Gilat Satcom
85.229.201.206 | c-cec9e555.09-484-73746f39.cust.bredbandsbolaget.se. |2119 | 85.224.0.0/13 | TELENOR | NO | bredbandsbolaget.se | B2 customers in sto39.se
88.198.2.84 | static.88-198-2-84.clients.your-server.de. |24940 | 88.198.0.0/16 | HETZNER | DE | hetzner.de | Hetzner Online AG
91.197.235.11||60144 | 91.197.234.0/23 | THREE-W-INFRA | NL | - | Planet Telecom Ltd.
93.190.143.155 | customer.worldstream.nl. |49981 | 93.190.140.0/22 | WORLDSTREAM | NL | worldstream.nl | WorldStream

Anaysis by: unixfreaxjp - MalwareMustDie, NPO