Domain > automotive.20x.cc

More information on this domain is in AlienVault OTX

Reports

https://securelist.com/files/2014/11/darkhotelappe...

Files that talk to automotive.20x.cc

MD5	A/V
9a0963dbee2361fa9cebaa6e0e517774	[W32/Trojan.NJZV-2300] [TR/Dldr.Garveep.B.164] [Trojan.DownLoad2.53695] [Trojan.Win32.Darkhotel.b.silentTrojan.Win32.Darkhotel.silentTrojan-Dropper.Win32.Daws.cnqgTrojan-Dropper.Win32.Daws.cnqfTrojan-Dropper.Win32.Daws.cnqe] [RDN/Downloader.a!tu] [TrojanDownloaderWin32/Garveep.ITrojanDownloader*Win32/Garveep.B] [Trojan.Zbot] [TROJ_GARVEEP.MRX]
788afcc5ae3ba073a3d4eaaf8a685313	[TrojanDownloader*Win32/Garveep.B] [TR/Dldr.Garveep.B.63]

Whois

Property	Value
Email	tabtab3688@yahoo.com
NameServer	NS2196.ISPAPI.NET
Created	2012-05-31 06:01:23
Changed	2014-06-01 05:00:34
Registrar	1 API GMBH

DNS Resolutions

Date	IP Address
2014-11-12	199.59.243.117 (ClassC)
2015-03-17	199.59.243.120 (ClassC)
2018-07-19	199.59.242.150 (ClassC)
2019-06-20	199.59.242.151 (ClassC)
2019-09-05	103.224.212.222 (ClassC)
2024-08-13	65.21.240.245 (ClassC)
2024-11-04	195.201.124.255 (ClassC)
2024-11-23	23.88.53.29 (ClassC)
2024-12-29	95.216.161.60 (ClassC)
2025-04-17	159.69.83.207 (ClassC)
2025-05-25	162.55.172.212 (ClassC)
2025-06-16	159.69.186.9 (ClassC)
2025-07-15	159.69.42.212 (ClassC)
2025-08-01	168.119.245.137 (ClassC)

HTTP/1.1 200 OKServer: openrestyDate: Sun, 19 May 2019 01:18:48 GMTContent-Type: text/html; charsetUTF-8Transfer-Encoding: chunkedConnection: keep-aliveX-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBA

!DOCTYPE html>html data-adblockkeyMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ_BXeF2hpzo2vc05v8WkYB8agA07rrdjKejgMxCREMQ2o5gq20B6HIApC66+5l4AqUJVCukvMFE7TmGjnLPUtgCg>head>meta http-equivContent-Type contenttext/html; charsetutf-8>title>/title>meta nameviewport contentwidthdevice-width, initial-scale1>meta namedescription contentSee related links to what you are looking for./>/head>!--if IE 6 >body classie6>!endif-->!--if IE 7 >body classie7>!endif-->!--if IE 8 >body classie8>!endif-->!--if IE 9 >body classie9>!endif-->!--if (gt IE 9)|!(IE)> -->body>!--!endif-->script typetext/javascript>g_pb(function(){varDTdocument,azylocation,DDDT.createElement(script),aABfalse,LU;DD.defertrue;DD.asynctrue;DD.src//www.google.com/adsense/domains/caf.js;DD.onerrorfunction(){if(azy.search!?z){azy.href/?z;}};DD.onloadDD.onreadystatechangefunction(){if(!aAB&&LU){if(!windowgoogleNDT_){}LU(google.ads.domains.Caf);}aABtrue;};DT.body.appendChild(DD);return{azl:function(n$){if(aAB)n$(google.ads.domains.Caf);elseLUn$;},bq:function(){if(!aAB){DT.body.removeChild(DD);}}};})();g_pd(function(){varazywindow.location,nw{},bH,azwazy.search.substring(1),aAt,aAv;if(!azw)return nw;aAtazw.split(&);for(bH0;bHaAt.length;bH++){aAvaAtbH.split();nwaAv0aAv1?aAv1:;}return nw;})();g_pc(function(){var $is_ABP_whitelistednull;var $Image1new Image;var $Image2new Image;var $error1false;var $error2false;var $remaining2;var $randomMath.random()*11;function $imageLoaded(){$remaining--;if($remaining0)$is_ABP_whitelisted!$error1&&$error2;}$Image1.onload$Image2.onload$imageLoaded;$Image1.onerrorfunction(){$error1true;$imageLoaded();};$Image2.onerrorfunction(){$error2true;$imageLoaded();};$Image1.src/px.gif?ch1&rn+$random;$Image2.src/px.gif?ch2&rn+$random;return{azo:function(){return&abp+($is_ABP_whitelisted?1:0);},$isWhitelisted:function(){return $is_ABP_whitelisted;},$onReady:function($callback){function $poll(){if($is_ABP_whitelistednull)setTimeout($poll,100);else $callback();}$poll()

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

Domain > automotive.20x.cc

Is this malicious?

Reports

Files that talk to automotive.20x.cc

Whois

DNS Resolutions

Port 80