Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update malware domains at IP 185.56.234.205 #1323

Closed
vhpcdpgl opened this issue Jul 19, 2023 · 3 comments
Closed

Update malware domains at IP 185.56.234.205 #1323

vhpcdpgl opened this issue Jul 19, 2023 · 3 comments
Assignees
@hagezi
Labels
deny Deny domain(s) denylist Added to denylst

Comments

@vhpcdpgl
Copy link
Contributor

vhpcdpgl commented Jul 19, 2023
edited
Loading

Which domain(s) should be blocked?

akakfp.com
awydvo.com
bakceu.com
bcwiff.com
bgrfmi.com
bphfmm.com
cepakk.com
ceqydz.com
dhnxza.com
fchxvw.com
ffhako.com
fpozbd.com
fswhwc.com
gjdpzn.com
gycqna.com
gyjqjt.com
gzwzvt.com
hdhfkz.com
hontmt.com
ingzhe.com
irtvro.com
isarvh.com
jggjh.com
jgqreh.com
jhzhis.com
jimqib.com
jqgrbs.com
kktmjv.com
kmmebs.com
kzkvma.com
mbjhgd.com
metiyx.com
mrggdz.com
mscawb.com
njjvzw.com
nlxini.com
nvcrcf.com
pjswpu.com
qaaxus.com
qcpqjr.com
qmsvnh.com
qoatde.com
rcqmrz.com
ritedn.com
rrtype.com
sbjock.com
tcsfpm.com
udwuyw.com
ugqkcz.com
upudhn.com
uzbvtt.com
vgrcxa.com
vgsksc.com
vyggtp.com
wdfdbz.com
whcfmp.com
wojqxw.com
wokzax.com
wrxgee.com
xbdovp.com
xbkgce.com
xseyfj.com
xvsgro.com
xyzgnc.com
yzfsxx.com
zayatr.com
zuhrzf.com

Why should these domain(s) be blocked?

Malware domains at IP 185.56.234.205

More info:

https://bgp.he.net/ip/185.56.234.205#_dns
https://urlscan.io/ip/185.56.234.205
@vhpcdpgl vhpcdpgl added the deny Deny domain(s) label Jul 19, 2023
@vhpcdpgl
Copy link
Contributor Author

vhpcdpgl commented Jul 19, 2023
edited
Loading

Another example is domain cjvdfw.com [blocked domain] with the same IP 185.56.234.205:

https://blocklist-tools.developerdan.com/entries/search?q=cjvdfw.com
https://urlscan.io/search/#cjvdfw.com
https://urlscan.io/result/2c10de4b-fcd6-42c1-9e07-e857ec9f461d/content/
https://urlscan.io/result/e7de7f1f-7186-417e-8544-835177e47509/content/
https://www.virustotal.com/gui/url/dfa8fb410beed0c04bf27599fafaa97816dcc0a2eb4753e7a9f16d52ec95981c

@hagezi hagezi added the denylist Added to denylst label Jul 19, 2023
@github-actions
Copy link

Thanks, domain(s) has been added to the denylist and will be added in the next update.

@vhpcdpgl
Copy link
Contributor Author 

bgrfmi.com
bpdnct.com
bphfmm.com
eweukr.com
gycqna.com
hcafpg.com
ingzhe.com
irtvro.com
jggjh.com
mnawew.com
nlxini.com
nvcrcf.com
qmsvnh.com
ritedn.com
rrtype.com
vgrcxa.com
vgsksc.com
whcfmp.com
xyzgnc.com
ybcgju.com

@vhpcdpgl vhpcdpgl mentioned this issue Jul 20, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@hagezi hagezi

Labels
deny Deny domain(s) denylist Added to denylst
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@vhpcdpgl @hagezi