Domain > 1s.gaebot.ip.or.kr

More information on this domain is in AlienVault OTX

Property	Value
Name	woo, sangcheol
Email	sangcheolwoo@gmail.com
NameServer	ns24.dnsever.com
Created	2005-08-04 00:00:00
Changed	2012-02-20 00:00:00
Expires	2016-08-04 00:00:00
Registrar	Megazone

DNS Resolutions

Date	IP Address
2016-03-08	103.232.215.148 (ClassC)
2025-11-01	151.80.13.35 (ClassC)

Port 80

HTTP/1.1 200 OKDate: Fri, 02 Aug 2019 19:20:09 GMTServer: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.16X-Powered-By: PHP/5.4.16Content-Length: 5013Content-Type: text/html; charsetUTF-8

HTML>HEAD>	TITLE>Free subdomain powered by DNSEver.com/TITLE>	META http-equivcontent-type contenttext/html; charsetutf-8>    link relStyleSheet HREFcss/css.css typetext/css titlestyle>    link relStyleSheet HREFcss/partner.css typetext/css titlestyle>/HEAD>BODY MARGINWIDTH0 MARGINHEIGHT0 TOPMARGIN0 LEFTMARGIN0 BACKGROUNDimg/bg.gif>TABLE border0 width100% cellpadding6 cellspacing0>TR>	TD aligncenter>		TABLE border0 width700 cellpadding6 cellspacing0>		TR>		TD>			TABLE border0 width100% cellpadding1 cellspacing0>			TR>			TD bgcolor#FFFFFF>				TABLE border0 width100% cellpadding0 cellspacing0 valigntop>				!-- HEAD ROW {{{ -->				TR>TD>					TABLE border0 width100% cellpadding0 cellspacing0 valigntop>					TR>					!-- LOGO BOX {{{ -->					TD aligncenter width195 height120 bgcolor#376FB6>A hrefhttp://www.dnsever.com>IMG srcimg/logo.gif border0 targetdnsever>/A>/TD>					!-- }}} -->					!-- BANNER BOX {{{ -->						TD aligncenter valignmiddle bgcolor#E9F6FF>							Web-based DNS Service - a hrefhttp://www.dnsever.com>font color#f11111>DNS/font>font color#1111f1>Ever/font>/a>						/TD>					!-- }}} -->					/TR>					/TABLE>				/TD>/TR>				!-- HEAD ROW }}} -->				!-- BODY ROW {{{ -->				TR>					TD valigntop aligncenter>						FORM nameform methodpost actionstart.html>						INPUT typehidden nameexternal valueegloos/>						INPUT typehidden iddomain namedomain value/>						INPUT typehidden idotp nameotp value/>						INPUT typehidden idip nameip value/>						INPUT typehidden idselected_menu nameselected_menu value/>						INPUT typehidden idcommand namecommand value/>						INPUT typehidden nameskey value>						INPUT typehidden nameurl value>						TABLE border0 width100% cellpadding20 cellspacing0 aligncenter>						TR>						TD>						TABLE border0 width80% cellpadding2 cellspacing0 aligncenter>							TR>								TD aligncenter>									TABLE CELLSPACING0 CELLPADDING0 BORDER0>	TR>		TD>IMG SRCimg/ttop.gif>/TD>	/TR>	TR>		TD backgroundimg/tbg-repeat.gif stylebackground-repeat: repeat-y; classtt rowspan2>			Welcome to B>span classsubDomain>

Subdomains

Date	Domain	IP
gkz2000.ip.or.kr	2025-07-31	151.80.13.35
iium4.ip.or.kr	2014-10-15	114.207.112.202
jst926.ip.or.kr	2025-08-31	151.80.13.35
hhk0208.ip.or.kr	2025-07-09	151.80.13.35
banetta.ip.or.kr	2025-10-29	151.80.13.35
amcc.ip.or.kr	2025-10-27	151.80.13.35
lovemusic.ip.or.kr	2025-10-27	151.80.13.35
ilife.ip.or.kr	2025-10-27	151.80.13.35
aprointeractive.ip.or.kr	2025-10-27	151.80.13.35
kheng.ip.or.kr	2025-10-27	151.80.13.35
yam.drug.ip.or.kr	2014-10-16	123.123.123.123
daum.drug.ip.or.kr	2014-10-14	123.123.123.123
naver.drug.ip.or.kr	2014-10-14	123.123.123.123
com.wangyi.ip.or.kr	2025-05-22	151.80.13.35
link.ip.or.kr	2025-10-27	151.80.13.35
bangkok.ip.or.kr	2014-10-16	222.231.0.4
mcn.ip.or.kr	2025-10-27	151.80.13.35
comtip.ip.or.kr	2025-09-30	151.80.13.35
develop.ip.or.kr	2025-10-28	151.80.13.35
kthftp.ip.or.kr	2025-07-02	151.80.13.35
lover.ip.or.kr	2025-10-06	151.80.13.35
tsohr.ip.or.kr	2025-10-27	221.160.104.191
fountainsprings.ip.or.kr	2025-10-27	151.80.13.35
lks.fountainsprings.ip.or.kr	2025-10-27	151.80.13.35
jaypos.ip.or.kr	2025-05-22	151.80.13.35
impact.ip.or.kr	2025-09-25	151.80.13.35
1s.gaebot.ip.or.kr	2016-03-08	103.232.215.148
greenport.ip.or.kr	2025-10-11	151.80.13.35
itu.ip.or.kr	2025-10-27	151.80.13.35
mailrelay.ip.or.kr	2025-10-27	151.80.13.35
infy.ip.or.kr	2025-10-02	151.80.13.35
holy.ip.or.kr	2025-10-27	151.80.13.35
ddosmany.ip.or.kr	2025-10-27	151.80.13.35
gyz.ip.or.kr	2025-10-09	151.80.13.35

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

MD5	A/V
b1c4b158acf8cf6711cd08eb71a6c93c	[W32.SwaveF.Trojan] [Backdoor.PcClient.TEV] [Backdoor.PcClient.ZL4] [Trojan.FakeMS.ED] [W32/Backdoor2.EPNZ] [BKDR_VENIK.SMA] [Backdoor.PcClient.TEV] [Backdoor.PcClient.TEV] [Backdoor.PcClient.TEV] [Trojan.DownLoader9.28536] [BKDR_VENIK.SMA] [BehavesLike.Win32.Backdoor.qc] [Troj/Bckdr-QWZ] [W32/Backdoor.NGGB-2178] [Backdoor:Win32/Venik] [Backdoor.PcClient.TEV] [Backdoor.PcClient.TEV] [Backdoor/Win32.Nbdd] [BScope.P2P-Worm.Palevo] [W32/Nbdd.FB!tr.bdr] [BackDoor.PcClient.2.BK]

Domain > 1s.gaebot.ip.or.kr

Is this malicious?

Files that talk to 1s.gaebot.ip.or.kr

Whois

DNS Resolutions

Port 80

Subdomains