Jump to content

IP Block on (possible FP?)


Recommended Posts

While looking up a domain using the Sysinternals whois tool, the tool tried to connect to


That domain is blocked by Malwarebytes due to it resolving to 206[.]54[.]190.5

AbuseIPDB and ThreatFox do not have it listed, and only one product on VirusTotal detects it.

The only things on that IP are paranames domains and one weird .shop domain. Two pieces of malware do call out to this IP, but I can not see why they do so.

mb_log_1.txt mb_log_2.txt

Edited by sp123
Add "the"
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.