ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 91.219.23.145:80.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1767691
IOC: 91.219.23.145:80
IOC Type :ip:port
Threat Type :botnet_cc
Malware: ClearFake
Confidence Level : Confidence level is high (90%)
Is compromised? : False
ASN:AS215540 GCS-AS
Country:- RU
First seen:2026-03-16 06:30:14 UTC
Last seen:never
UUID:6cf63ccc-20d5-11f1-9af6-42010aa4000a
Reporter Lenny_3BO
Reward 5 credits from ThreatFox
Tags:ClearFake Commandline staging
Reference: https://www.virustotal.com/gui/collection/bd9ca7b3101e6c32640359b8d2ed6a5ce440eedc4e2aef0c4e54c59b3ecf709a

Avatar
Lenny_3BO
Shared initial staging server for ClearFake DLL loaders. Both ec_manchester.dll and chi82.dll contact this IP first on port 80 with unique URL paths. AS215540 Global Connectivity Solutions Frankfurt. Identified via VT sandbox behavior.