Phishing domain perufalabella.esdrastravel.com has been tagged as a malicious domain which is hosting content in order to phish unaware internet users. The domain perufalabella.esdrastravel.com should be considered dangerous and communication towards that domain should be flagged as malicious.
Malicious behavior which is often seen on phishing sites;
If you have left information on the phishing domain perufalabella.esdrastravel.com
The chance is there that you are reading this because you have left information on the phishing site – if that is the case, we strongly recommend you to take action in order to minimize the damage which can be done by the phished data.
If you have left personal information which you do not want to see online, inform the police agency in your environment about the fact that you think that you have been phished. They will instruct you on which steps you need to take.
The second step is to make sure that you did not sign-up for any affiliate programs which demand a payment each week/day or per message. If that is the case, you need to search up the phone number on Google and make sure that you find instructions on how to disable the affiliate program.
You can also call up your phone provider to inform them that you have signed up for an affiliate program via a phishing page, if they care, they should continue to help you in order to disable that affiliate program.
Call your bank if you have left personal/financial information on the phishing page, they will be able to instruct you in which steps you need to take to minimize the effect of the performed phishing attack.
If you have left information on the phishing page with your “work/company” profile, then make sure that you inform your IT-manager or the “Cyber” Security Officer in the company. This will allow them to minimize the effect on the company.
What you should always have enabled
When you are using devices that contain private or sensitive information, we strongly recommend you to use an up to date anti-virus on that device. The anti-virus will protect your device against malicious applications. The use of a VPN is also recommended, the VPN will hide your IP from the outside world, making it hard for anyone on the internet to identify your location via the IP. This can also be done by using TOR.
Currently hosted on IP:
Autonomous System Number (ASN):
Pages hosted on IP:
The pages which are hosted on 220.127.116.11 do not have to be malicious, the fact that the IP has been flagged is because of the fact that at least “one” page on perufalabella.esdrastravel.com was identified as a phishing page.
Domains which were/are hosted on 18.104.22.168:
Hashes which are affiliated with that IP according to VirusTotal:
If you have extra information about this attack, and you are allowed to share that information, then please do not hesitate to add extra information to this post about perufalabella.esdrastravel.com via the comment section below. We thank you in advance.