From PDNS: A fixed length of 13, TLDs: [club, com, info, me, net, vip]
suqitian opened this issue · 2 comments
suqitian commented
- A suspicious DGA cluster from PDNS
- URL
http://www.bt9i4x9v8pen7.com/tixvpn/tixvpnR.asp?
http://www.cbbrcieg6h2t1.info/brightR.asp?
- MD5 not found
- Domains
suqitian commented
- Not malware
- 天行VPN
These domains were generated by 天行VPN.
Domain pattern:
www.bt9i4x9v8pen7.vip
->www._t_i_x_v_p_n.TLDs
suqitian commented
- Another cluster
- Bright VPN
Generated by Bright VPN.
Domain pattern:
www.9b5r0idgdhdt0.com
->www._b_r_i_g_h_t.TLDs
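The two patterns above can be checked mechanically when triaging similar PDNS clusters. The following is an added example, not part of the original issue: it pulls the word interleaved at the odd positions of a 13-character label and groups names by that word, which generalizes beyond the two VPN products named here. The hex-only filler alphabet and the `min_labels` threshold are assumptions; sample names other than the two quoted in the comments are constructed.

```python
from collections import defaultdict

# Assumption: filler characters are lowercase hex, as in the names quoted in this issue.
FILLER = set("0123456789abcdef")
LABEL_LEN = 13                                       # fixed length from the issue title
TLDS = {"club", "com", "info", "me", "net", "vip"}   # TLD set from the issue title
KNOWN = {"tixvpn": "天行VPN", "bright": "Bright VPN"}  # attributions given in the comments


def skeleton(fqdn):
    """Return the word interleaved at odd positions of the label, or None."""
    parts = fqdn.lower().rstrip(".").split(".")
    if len(parts) != 3 or parts[0] != "www" or parts[2] not in TLDS:
        return None
    label = parts[1]
    if len(label) != LABEL_LEN:
        return None
    fillers, word = label[0::2], label[1::2]
    if not set(fillers) <= FILLER:
        return None
    if not (word.isascii() and word.isalpha()):
        return None
    return word


def cluster(fqdns, min_labels=2):
    """Group distinct labels by embedded word; keep words shared by several labels.

    A random 13-char DGA label can match the shape by chance, but it will not
    share its embedded word with other labels, so the threshold drops it.
    """
    groups = defaultdict(set)
    for name in fqdns:
        word = skeleton(name)
        if word:
            groups[word].add(name.lower().split(".")[1])
    return {w: sorted(ls) for w, ls in groups.items() if len(ls) >= min_labels}


SAMPLE = [
    "www.bt9i4x9v8pen7.vip",   # quoted in the issue
    "www.9b5r0idgdhdt0.com",   # quoted in the issue
    "www.0t0i0x0v0p0n0.com",   # constructed
    "www.ab1r2i3g4h5t6.net",   # constructed
    "www.q7zk2m9xw1c4r.com",   # constructed, non-hex filler
    "www.example.com",         # constructed, wrong length
]

if __name__ == "__main__":
    for word, labels in cluster(SAMPLE).items():
        print(word, KNOWN.get(word, "unattributed"), labels)
```

A word that recurs across many labels but is absent from `KNOWN` is a candidate for manual attribution before the cluster is marked benign or malicious.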