CyberCrime site: work.panthera.ca/V3asd4s2ew/cp.php?m=login should resolve to 92.55.82.245
but goes here: http://urlquery.net/report.php?id=9415796 → ordinarily implemented using only 127.0.0.1/32 for loopback, but no addresses within this block should ever appear on any network anywhere [RFC1700, page 5].
92.55.82.245 3 connections First seen 5 months ago Last seen 46 hours ago Threat AlienVault Danger level 4
→ http://urlquery.net/report.php?id=9415886 → not analyzed get a failure…
Domainn work.panthera.ca/IN doesn’t exist - failed to look for Parent - delegation not found at parent! → http://dnscheck.sidn.nl/?time=1392243498&id=1735553&view=basic&test=standard → http://totalhash.com/network/ip:92.55.82.245
→ https://zeustracker.abuse.ch/monitor.php?host=work.panthera.ca
Should be blocked by avast because of Nameserver(s): ns1.afraid dot org | ns2.afraid dot org | ns3.afraid dot org | ns4.afraid dot org
Might be a SplitDNS misconfiguration! 127.0.0.2 myhost myhost.mydomain → http://jsunpack.jeek.org/?report=1368f4734499c3b4f369f1d818b79cce8def670a
polonus