Domain > ayh2m57ruxjtwyd5.abctopayforwin.com

More information on this domain is in AlienVault OTX

Reports

http://www.malware-traffic-analysis.net/2015/10/13...

http://www.malware-traffic-analysis.net/2015/11/20...

https://otx.alienvault.com/pulse/561d745c67db8c47d...

https://otx.alienvault.com/pulse/564fafaa67db8c7a1...

Files that talk to ayh2m57ruxjtwyd5.abctopayforwin.com

MD5	A/V
ef978c66dbd14bc6af14edfbaab08780
0bd30fca55a734b29218d45d7dab1a04
d3cda70f2c3f2f2728edd3520f70516c
2b73a1a0a72b00e4fabdad34b954f4b8	[Trojan.Injector.VB] [Win32/Filecoder.CO]
5fea16e95d3ce079297dfef41cc47d8d
906f9098ef9a6dba0c06376a63941942
f6754c92e60fd7e8f292098790fa0550
75375df01c6433e2fb09d3c8f3bdc4d0
2f00898f06ae5278f7bbb3b447fe0a50
f753bf152bb56072a7bde61a806accf7

Whois

Property	Value
Email	rothepenever1989@mail.ru
NameServer	NS2.MNE.RU
Created	2015-09-02 00:00:00
Changed	2015-09-02 00:00:00
Expires	2016-09-02 00:00:00
Registrar	PDR LTD. D/B/A PUBLI

DNS Resolutions

Date	IP Address
2015-10-08	95.128.181.13 (ClassC)
2025-05-05	103.224.182.251 (ClassC)

HTTP/1.1 200 OKdate: Wed, 26 Jun 2024 02:22:22 GMTserver: Apacheset-cookie: __tad1719368542.3207307; expiresSat, 24-Jun-2034 02:22:22 GMT; Max-Age315360000vary: Accept-Encodingcontent-length: 1108cont

html>head>title>abctopayforwin.com/title>script typetext/javascript src/js/fingerprint/iife.min.js>/script>script typetext/javascript>var redirect_link  http://ayh2m57ruxjtwyd5.abctopayforwin.com/?;// Set a timeout of 300 microseconds to execute a redirect if the fingerprint promise fails for some reasonfunction fallbackRedirect() {	window.location.replace(redirect_link+fp-7);}try {	const rdrTimeout  setTimeout(fallbackRedirect, 300);	var fpPromise  FingerprintJS.load({monitoring: false});	fpPromise		.then(fp > fp.get())		.then(			result > { 				var fprt  fp+result.visitorId;				clearTimeout(rdrTimeout);				window.location.replace(redirect_link+fprt);		});} catch(err) {	fallbackRedirect();}/script>style> body { background:#101c36 } /style>/head>body bgcolor#ffffff text#000000>div styledisplay: none;>a hrefhttp://ayh2m57ruxjtwyd5.abctopayforwin.com/?fp-3>Click here to enter/a>/div>noscript>meta http-equivrefresh content0; URLhttp://ayh2m57ruxjtwyd5.abctopayforwin.com/?fp-5>/noscript>/body>/html>

Port 443

HTTP/1.1 200 OKdate: Wed, 26 Jun 2024 02:22:22 GMTserver: Apacheset-cookie: __tad1719368542.3740644; expiresSat, 24-Jun-2034 02:22:22 GMT; Max-Age315360000vary: Accept-Encodingcontent-length: 1108cont

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]