Phishing: perufalabella.esdrastravel.com

Phishing domain perufalabella.esdrastravel.com has been tagged as a malicious domain which is hosting content in order to phish unaware internet users. The domain perufalabella.esdrastravel.com should be considered dangerous and communication towards that domain should be flagged as malicious.

Malicious behavior which is often seen on phishing sites;

  • Fake forms which request personal information.
  • Affiliate surveys which generate an online revenue for the cybercriminals/scammers.
  • Download buttons which download malicious/adware applications or plugins.

phishing

Phishing: perufalabella.esdrastravel.com

If you have left information on the phishing domain perufalabella.esdrastravel.com

The chance is there that you are reading this because you have left information on the phishing site – if that is the case, we strongly recommend you to take action in order to minimize the damage which can be done by the phished data.

Inform the police

If you have left personal information which you do not want to see online, inform the police agency in your environment about the fact that you think that you have been phished. They will instruct you on which steps you need to take.

Affiliate programs

The second step is to make sure that you did not sign-up for any affiliate programs which demand a payment each week/day or per message. If that is the case, you need to search up the phone number on Google and make sure that you find instructions on how to disable the affiliate program.

You can also call up your phone provider to inform them that you have signed up for an affiliate program via a phishing page, if they care, they should continue to help you in order to disable that affiliate  program.

Your bank

Call your bank if you have left personal/financial information on the phishing page, they will be able to instruct you in which steps you need to take to minimize the effect of the performed phishing attack.

Your work

If you have left information on the phishing page with your “work/company” profile, then make sure that you inform your IT-manager or the “Cyber” Security Officer in the company. This will allow them to minimize the effect on the company.

What you should always have enabled

When you are using devices that contain private or sensitive information, we strongly recommend you to use an up to date anti-virus on that device. The anti-virus will protect your device against malicious applications. The use of a VPN is also recommended, the VPN will hide your IP from the outside world, making it hard for anyone on the internet to identify your location via the IP. This can also be done by using TOR.

Detailed information on perufalabella.esdrastravel.com

Current date:
2016-07-2
Currently hosted on IP:
149.202.228.229
Country:
ES
Autonomous System Number (ASN):

Pages hosted on IP:
7.400 pages

The pages which are hosted on 149.202.228.229 do not have to be malicious, the fact that the IP has been flagged is because of the fact that at least “one” page on perufalabella.esdrastravel.com was identified as a phishing page.

Domains which were/are hosted on 149.202.228.229:

  1. androidmansion.com
  2. doriginalstudio.com
  3. doriginalstudio.es
  4. kapelmuurcyclestore.com
  5. miprimerchurumbel.com
  6. redactandotextos.com
  7. www.bigsexblog.com
  8. baraibar.eus
  9. cajadefotos.es
  10. cvrasal.com
  11. escribirunblog.com
  12. flexosonline.com
  13. gorkaaintz.com
  14. insurancecarslife.co
  15. lapandillamascota.com
  16. midasmypitstop.es
  17. mifarmaceutica.com
  18. multiventaspoufer.com
  19. mybatterypocket.com
  20. mybatterypocket.es

Hashes which are affiliated with that IP according to VirusTotal:

  1. fa23b04f69befe38106789fd4d2da29444974fce1a40ae55ffdf09871ec1e7ab
  2. 50154d3f9bb3f4e433bfb057c1c8572b6b53a2699edda8a3532e43a5e94f412b
  3. 17fa2f3324d45c27a318ed51dab739c7f09b573185b76889b955ad2c9ad1d7b8

Participate in malware research

The Cyberwarzone Community holds a forum for “Malware & Phishing research“, you are invited to participate on the forum. You do not need to sign-up, and it is totally free.

Extra information on perufalabella.esdrastravel.com

If you have extra information about this attack, and you are allowed to share that information, then please do not hesitate to add extra information to this post about perufalabella.esdrastravel.com via the comment section below. We thank you in advance.

Founder of Cyberwarzone.com.