Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Initial domains:
- 178.170.104.124
- actes-lyon.org
- aybabtu.ru
- brave.net.nz
- goozix.com
- gylaqim.com
- healthpharmacydrug.in
- moniwild.sakura.ne.jp
- rodinr.511.com1.ru
- rxtreatments.ru
- southeasterntrains-fail.com
- toys-store.net
- webhydro.com
- www.sweetscape.com
- Styx domains:
- www1.l5yhg95szx7k42.usa.cc
- www1.o-6vuo7jzwff5fv.usa.cc
- www1.qejt8wkvxre5a98.usa.cc
- www1.xjfvtg6bagx8.usa.cc
- www1.yi4f59df9s509dmg7.usa.cc
- www2.lmm3jn8un9e0t3.mohamed.me
- www2.pz16hdco9zmw1.mohamed.me
- www3.ad63gyomll2jo237-1.usa.cc
- www3.ev2okgoe5o6.usa.cc
- www3.x1ediwc0h9zrdzaud.4pu.com
- www3.x-8hlldq1w50.usa.cc
- www3.y-83m4wjpzlx6.usa.cc
- Binary IPs:
- 212.117.176.187
- 79.133.196.94
- 69.57.173.222
- 46.105.131.126
- Binary IPs whois info:
- ** 212.117.176.187 **
- inetnum: 212.117.176.0 - 212.117.190.255
- netname: SERVER-NETWORK
- descr: root SA
- country: LU
- admin-c: AB99-RIPE
- tech-c: RE655-RIPE
- status: ASSIGNED PA
- mnt-by: ROOT-MNT
- source: RIPE # Filtered
- role: root eSolutions
- address: 35, rue John F. Kennedy
- address: 7327 Steinsel
- address: Luxembourg
- phone: +352 20.500
- fax-no: +352 20.500.500
- abuse-mailbox: abuse@as5577.net
- remarks:
- remarks: +------------------------------------+
- remarks: | Operational Issues: |
- remarks: | noc@as5577.net |
- remarks: +------------------------------------+
- remarks: | Abuse and Spam: |
- remarks: | abuse@as5577.net |
- remarks: +------------------------------------+
- remarks:
- admin-c: RE655-RIPE
- tech-c: AB99-RIPE
- nic-hdl: RE655-RIPE
- mnt-by: ROOT-MNT
- source: RIPE # Filtered
- person: Andy BIERLAIR
- address: root SA
- address: 35, rue John F. Kennedy
- address: 7327 Steinsel
- address: Luxembourg
- phone: +352 20.500
- fax-no: +352 20.500.500
- nic-hdl: AB99-RIPE
- mnt-by: ROOT-MNT
- remarks:
- remarks: +------------------------------------+
- remarks: | I did *NOT* spam your mailbox! |
- remarks: | I will *NOT* reply to abuse mails! |
- remarks: | |
- remarks: | Please contact abuse@as5577.net ! |
- remarks: +------------------------------------+
- remarks:
- source: RIPE # Filtered
- % Information related to '212.117.160.0/19AS5577'
- route: 212.117.160.0/19
- descr: root SA
- origin: AS5577
- mnt-by: ROOT-MNT
- source: RIPE # Filtered
- ** 79.133.196.94 **
- inetnum: 79.133.196.80 - 79.133.196.95
- netname: HOSTLAB-NET
- descr: eTOP http://www.etop.pl
- country: PL
- admin-c: ETOP1-RIPE
- tech-c: ETOP1-RIPE
- status: ASSIGNED PA
- mnt-by: ETOP-MNT
- source: RIPE # Filtered
- role: eTOP RIPE Administrators
- address: eTOP Sp. z o.o.
- address: Al.Jerozolimskie 200
- address: 02-222 Warsaw
- address: Poland
- phone: +48 22 5780100
- fax-no: +48 22 5780101
- remarks: from fixed network in Poland dial 0801 081 221
- remarks: trouble: Information and questions: mailto:etop@etop.pl
- remarks: trouble: Abuse and bug reports: mailto:abuse@etop.pl
- admin-c: KO1097-RIPE
- admin-c: MICB1-RIPE
- admin-c: AGA444-RIPE
- tech-c: KO1097-RIPE
- tech-c: MICB1-RIPE
- tech-c: AGA444-RIPE
- nic-hdl: ETOP1-RIPE
- mnt-by: ETOP-MNT
- source: RIPE # Filtered
- abuse-mailbox: abuse@etop.pl
- % Information related to '79.133.192.0/19AS20853'
- route: 79.133.192.0/19
- descr: eTOP NET
- origin: AS20853
- mnt-by: ETOP-MNT
- source: RIPE # Filtered
- ** 69.57.173.222 **
- %rwhois V-1.0,V-1.5:00090h:00 my.dedicatednow.com (Ubersmith RWhois
- Server V-2.3.0)
- autharea=69.57.173.0/24
- xautharea=69.57.173.0/24
- network:Class-Name:network
- network:Auth-Area:69.57.173.0/24
- network:ID:NET-3225.69.57.173.216/29
- network:Network-Name:69.57.173.216/29
- network:IP-Network:69.57.173.216/29
- network:IP-Network-Block:69.57.173.216 - 69.57.173.223
- network:Org-Name:ISCP SIA
- network:Street-Address:Lubanas iela 121-37
- network:City:Riga
- network:State:Tortolla
- network:Postal-Code:VG 1110
- network:Country-Code:LV
- network:Tech-Contact:MAINT-3225.69.57.173.216/29
- network:Created:20100915020908000
- network:Updated:20100915020908000
- network:Updated-By:network@fortressitx.com
- contact:POC-Name:FortressITX Network
- contact:POC-Email:network@fortressitx.com
- contact:POC-Phone:973-572-1070
- contact:Tech-Name:FortressITX Network
- contact:Tech-Email:network@fortressitx.com
- contact:Tech-Phone:973-572-1070
- contact:Abuse-Name:FortressITX Abuse
- contact:Abuse-Email:abuse@fortressitx.com
- contact:Abuse-Phone:973-572-1070
- ** 46.105.131.126 ** (another IP related to the malware)
- inetnum: 46.105.131.120 - 46.105.131.127
- netname: marysanders1
- descr: marysanders1net
- country: IE
- org: ORG-OH5-RIPE
- admin-c: OTC9-RIPE
- tech-c: OTC9-RIPE
- status: ASSIGNED PA
- mnt-by: OVH-MNT
- source: RIPE # Filtered
- organisation: ORG-OH5-RIPE
- org-name: OVH Hosting Limited
- org-type: OTHER
- address: 5 Fitzwilliam Place
- address: Dublin 2
- address: Ireland
- abuse-mailbox: abuse@ovh.net
- mnt-ref: OVH-MNT
- mnt-by: OVH-MNT
- source: RIPE # Filtered
- role: OVH IE Technical Contact
- address: OVH Hosting Limited
- address: 5 Fitzwilliam Place
- address: Dublin 2
- address: Ireland
- admin-c: OK217-RIPE
- tech-c: GM84-RIPE
- nic-hdl: OTC9-RIPE
- abuse-mailbox: abuse@ovh.net
- mnt-by: OVH-MNT
- source: RIPE # Filtered
- % Information related to '46.105.0.0/16AS16276'
- route: 46.105.0.0/16
- descr: OVH ISP
- descr: Paris, France
- origin: AS16276
- mnt-by: OVH-MNT
- source: RIPE # Filtered
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement