Domain > insta.reduct.ru

This indicator is referenced in AlienVault OTX pulse ""

Reports

https://www.us-cert.gov/security-publications/GRIZ...

Files that talk to insta.reduct.ru

DNS Resolutions

Date	IP Address
2016-04-18	146.185.161.126 (ClassC)
2018-04-04	109.70.26.37 (ClassC)
2018-11-02	72.52.4.90 (ClassC)
2019-07-19	91.195.240.126 (ClassC)
2019-09-05	91.195.240.210 (ClassC)
2019-11-26	185.53.179.29 (ClassC)
2019-11-27	52.50.65.32 (ClassC)
2019-12-08	91.195.240.136 (ClassC)
2020-05-14	75.2.111.214 (ClassC)
2021-07-27	64.190.63.136 (ClassC)
2024-04-24	185.189.15.13 (ClassC)
2025-08-01	62.122.170.171 (ClassC)

HTTP/1.1 200 OKServer: nginx/1.12.0Date: Wed, 24 Apr 2024 06:21:31 GMTContent-Type: text/htmlContent-Length: 284010Last-Modified: Thu, 03 Dec 2020 11:16:13 GMTConnection: keep-aliveETag: 5fc8c8fd-4556

!DOCTYPE html>html dirltr langen-US>head>	meta http-equivcontent-type contenttext/html; charsetutf-8 />	meta nameviewport contentwidthdevice-width, initial-scale1, maximum-scale1 />		title>Срок регистрации домена закончился. Купить домен можно тут./title>	meta namedescription contentКупить домен, регистрация домена, домен истек />	meta namekeywords contentдомен, продление, покупка />			link relshortcut icon hrefhttp://185.189.15.13/favicon.png/>		style>		body{margin:0;}		footer,header,section{display:block;}		a{background-color:transparent;}		a:active,a:hover{outline:0;}		h1{margin:.67em 0;font-size:2em;}		img{border:0;}		@media print{		*,:after,:before{color:#000!important;text-shadow:none!important;background:0 0!important;-webkit-box-shadow:none!important;box-shadow:none!important;}		a,a:visited{text-decoration:underline;}		ahref:after{content: ( attr(href) );}		img{page-break-inside:avoid;}		img{max-width:100%!important;}		p{orphans:3;widows:3;}		}		*{-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box;}		:after,:before{-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box;}		body{font-family:Helvetica Neue,Helvetica,Arial,sans-serif;font-size:14px;line-height:1.42857143;color:#333;background-color:#fff;}		a{color:#337ab7;text-decoration:none;}		a:focus,a:hover{color:#23527c;text-decoration:underline;}		a:focus{outline:5px auto -webkit-focus-ring-color;outline-offset:-2px;}		img{vertical-align:middle;}		h1{font-family:inherit;font-weight:500;line-height:1.1;color:inherit;}		h1{margin-top:20px;margin-bottom:10px;}		h1{font-size:36px;}		p{margin:0 0 10px;}		.container{padding-right:15px;padding-left:15px;margin-right:auto;margin-left:auto;}				@media (min-width:768px){			.container{width:750px;}		}		@media (min-width:992px){			.container{width:970px;}		}		@media (min-width:1200px){			.container{width:1170px;}		}		.col-md-12,.col-md-3,.col-md-9{position:

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

MD5	A/V
ae38389caf1143dd71719265327f764d
e1c27e9a7888dc35e8d07282eebe905d
f79ec84df5c3eed2d15d3ed38b46eacf
2078ad3263d8f3fa596bb665229944e1
29bdd6a89bdc9395c4ef4dec4070ff49	[W97M.Dropper.DL] [W97M.Dropper.DL] [W2KM_FAREIT.DDZ] [Trojan.Script.Stealer.ebqncn] [W97M.Dropper.DL] [Troj/DocDl-CIU] [W97M.Dropper.DL] [W2KM_FAREIT.DDZ] [Artemis!CA82B694C2E0] [W97M/Dropper] [TrojanDropper:O97M/Farheyt.C] [HEUR.VBA.Trojan.e] [W97M.Dropper.DL] [Artemis!CA82B694C2E0] [WM/Fareit.GTZ!tr] [virus.office.obfuscated.1]

Domain > insta.reduct.ru

Is this malicious?

Reports

Files that talk to insta.reduct.ru

DNS Resolutions

Port 80