Domain > a223114.vicp.cc

More information on this domain is in AlienVault OTX

Files that talk to a223114.vicp.cc

MD5	A/V
f8713bd5e09f4748ebd4330ac6eb6860	[Trojan.Brrowho!] [W32/Threat-HLLIE-based!Maximus] [DDOS_NITOL.UJC] [Trojan.DownLoader15.19106] [DDOS_NITOL.UJC] [BehavesLike.Win32.Dropper.tc] [W32/Threat-HLLIE-based!Maximus] [DDoS:Win32/Nitol.G] [Trojan.Kazy.DA574C] [Artemis!F8713BD5E09F] [Win32.Trojan.Spy.Edwz] [W32/Brrowho.H!tr] [Win32/Heur] [Trojan.Win32.Brrowho.H]
8fcabcb57adf698a3666ec8a4f075f6d	[Spyware.OnlineGames] [Worm.Win32.Dropper.RA] [BehavesLike.Win32.Pasta.jh] [Win32/ASuspect.HHDZV] [Pasta] [Win32/DH{QS4TJVdhCU4}] [Win32/Trojan.0d8]
b083516150b4a6c5531fda8da6f7f0c8	[Trojan.DownLoader15.62223] [W32/Trojan.YUDU-9013] [Backdoor*Win32/Zegost.AD] [Backdoor.Trojan] [Win32/Farfli.PZ] [W32/Farfli.PZ!tr] [Trojan.Win32.Farfli] [BScope.P2P-Worm.Palevo] [Backdoor.Win32.Zegost.msxro] [Backdoor.Zegost.Win32.4099]

Whois

Property	Value
Email	cyy@vavic.com
NameServer	NS2.EXHERA.COM
Created	2006-08-03 07:52:52
Changed	2015-04-08 00:40:12
Registrar	WEB COMMERCE COMMUNI

DNS Resolutions

Date	IP Address
2015-06-14	211.149.195.18 (ClassC)
2015-07-15	134.19.176.123 (ClassC)
2015-08-21	123.57.25.134 (ClassC)
2016-01-16	115.159.42.154 (ClassC)
2017-02-24	106.75.65.176 (ClassC)
2018-10-05	61.142.176.23 (ClassC)
2019-03-09	174.128.255.253 (ClassC)
2019-04-08	174.128.255.239 (ClassC)
2019-04-09	174.128.255.233 (ClassC)
2019-04-11	174.128.255.229 (ClassC)
2019-04-17	174.128.255.230 (ClassC)
2019-06-21	174.128.255.236 (ClassC)
2019-06-25	174.128.255.245 (ClassC)
2019-07-12	174.128.255.232 (ClassC)
2019-09-01	174.128.255.237 (ClassC)
2025-03-23	47.111.82.157 (ClassC)
2025-08-01	146.56.248.213 (ClassC)

HTTP/1.1 200 OKServer: nginxDate: Thu, 20 Jun 2019 11:50:28 GMTContent-Type: text/htmlContent-Length: 3854Last-Modified: Wed, 04 Nov 2015 21:47:28 GMTConnection: keep-aliveVary: Accept-EncodingETag: 5

!DOCTYPE html>html>head>meta charsetutf-8 />meta http-equivX-UA-Compatible contentIEEdge,chrome1 />title>很抱歉，您访问的花生壳动态域名不在线，请稍后再尝试访问！/title>link hrefimg/style.css typetext/css relstylesheet />script>location.assign(http://offline-adv.oray.com/?host + location.host);/script>script>  (function(i,s,o,g,r,a,m){iGoogleAnalyticsObjectr;irir||function(){  (ir.qir.q||).push(arguments)},ir.l1*new Date();as.createElement(o),  ms.getElementsByTagName(o)0;a.async1;a.srcg;m.parentNode.insertBefore(a,m)  })(window,document,script,//www.google-analytics.com/analytics.js,ga);  ga(create, UA-42330484-1, auto);  ga(send, pageview);/script>/head>body>div classheader-wrapper>    div classheader>        div classlogo>a hrefhttp://www.oray.com/jump/44063>img srcimg/ph_logo.png >/a>/div>        div classext>很抱歉，您访问的a href http://www.oray.com/jump/43573 target_blank classred>花生壳动态域名/a>span iddomain>/span>不在线，请稍后再尝试访问！/div>    /div>/div>div classcontainer>	ul classclear pic>    	li>a hrefhttp://www.oray.com/jump/43772 target_blank>img src./img/pic_10.jpg border0 />/a>/li>    	li idpic-sl>/li>    	li>a hrefhttp://www.oray.com/jump/44058 target_blank>img src./img/pic_04.jpg border0 />/a>/li>    /ul>        div idad-wrapper classadpic clear styleheight: 520px>    /div>    script typetext/javascript languageJavaScript>	pic  new Array(4);	pic0  a hrefhttp://www.oray.com/jump/44101 target_blank>img src./img/pic_sl-01.png border0 />/a>;	pic1  a hrefhttp://www.oray.com/jump/44102 target_blank>img src./img/pic_sl-02.png border0 />/a>;	pic2  a hrefhttp://www.oray.com/jump/44103 target_blank>img src./img/pic_sl-03.png border0 />/a>;	pic3  a hrefhttp://www.oray.com/jump/44104 target_blank>img src./img/pic_sl-04.png border0 />/a>;	index  Math.floor(Math.random() * pic.length);	document.getElementById(pic-sl).innerHTML  picindex;		document.title  很抱歉，您访问的花生壳动态域名 + location.host + 不在线，请稍后再尝试�

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

Domain > a223114.vicp.cc

Is this malicious?

Files that talk to a223114.vicp.cc

Whois

DNS Resolutions

Port 80