Scam Detective

Scam Campaign

Mirai Scam, 176.65.132.117

Identified on 5/15/2026

How This Campaign Connects

Domain: 45.153.34.231 — High Risk, 0 complaints45.153.34.2…Domain: 192.109.200.232 — High Risk, 0 complaints192.109.200…Domain: 192.109.200.213 — High Risk, 0 complaints192.109.200…Domain: 164.92.230.74 — High Risk, 0 complaints164.92.230.…Domain: 176.65.132.117 — High Risk, 0 complaintsDomain176.65.132.117High RiskSuspiciousConsumer ComplaintsLow Activity
The primary entity at the center and the rest of the cluster around it.

Primary Entity

domain

176.65.132.117
High Risk
  • Flagged by Google Safe Browsing
  • No SSL certificate

Campaign Narrative

This cluster centers on 5 connected domains tagged as DDoSAgent, mirai, wraith-scan. The domains include 176.65.132.117, 164.92.230.74, 45.153.34.231, 192.109.200.232, 192.109.200.213. 5 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus.

Flagged domains in this cluster, 176.65.132.117, 164.92.230.74, 45.153.34.231, 192.109.200.232, 192.109.200.213.

Do not click links to any of the flagged domains. If you have visited one, check your accounts for unauthorized activity and consider changing your passwords. You can report suspicious contacts to the FTC at reportfraud.ftc.gov or to the FCC at consumercomplaints.fcc.gov.

This campaign was identified through automated analysis of threat intelligence feeds and entity relationship mapping.

Entity Roster

Domains (5)

Data Sources

Scam Prevention Resources

Medicare Medical Equipment Scams Run All Year

A live caller offers you a free back brace, covered by Medicare. What they're really after is your Medicare number and a bill for equipment you never receive.

Fake Debt Robocalls Threatening Wage Garnishment Operate Under a Relief Disguise

Robocalls claiming to be from American Financial Relief are threatening wage garnishment, property liens, and criminal charges to pressure people into calling back. Here is what the complaint data shows.

www.ccspayment.com Collects Payments for Fake Insurance Debts Across Seven Numbers

Fraudsters posing as a debt collection agency are sending texts and voicemails that name real insurance companies to pressure people into paying fake debts. Here is what the reports show and how to protect yourself.

Agent "Micheal Stewart" at (310) 437-3551 Is Running a PCH Prize Fraud

Callers claiming to represent Publishers Clearing House are pressing people to confirm personal details or pay fees to collect prizes that do not exist. Here is what the reports show.

Fake Debt Calls Operating Under "AD Processing" Rotate Across Eight Numbers

Callers claiming to work for AD Processing are leaving threatening voicemails, contacting family members, and pressuring people over debts that do not exist. Here is what the reports show.

View all articles

NordPass Stop reusing passwords across accounts

After a breach, attackers try stolen passwords on every site you use. NordPass generates and stores a unique password for each account.

Try NordPassAffiliate link. We may earn a commission.
View all campaigns