The machine using this IP is infected with malware that is emitting spam, or is sharing a connection with an infected device.
As a result, this IP address is listed in the eXploits Blocklist (XBL)
A device using 126.96.36.199 is infected with malware:
188.8.131.52 initiated contact with a
matsnu command and control server, using contents unique to
matsnu C&C command protocols.
184.108.40.206 initiated a
tcp connection from
220.127.116.11 using source port
57146, to the sinkhole IP address
18.104.22.168 on destination port
The most recent detection was on: December 4 2022, 06:32:18 UTC.
matsnu - also known as "Trustezeb" is a trojan that targets the Microsoft Windows operating system. It can perform different commands such as remotely downloading and executing files, updating itself and its C&C server, and also can be used as ransomware.
Additional information on matsnu can be found by doing a web search.
If this is a shared server, please call your hosting company or ISP!
This listing is the result of what we believe to be a security issue. To stop ongoing listings and to secure your network, devices, and data, we recommend both prevention and remediation of the issue.
Spamhaus has an FAQ about general security best practices that should be followed.
To find and remove the malware from your Windows computer please see the Microsoft website.
XBL listings expire automatically after the last detection. If necessary, once the security issue is solved, you can update an existing ticket to request removal.