Domain > by4cq.vicp.cc

More information on this domain is in AlienVault OTX

Property	Value
Email	cyy@vavic.com
NameServer	NS2.EXHERA.COM
Created	2006-08-03 07:52:52
Changed	2015-04-08 00:40:12
Registrar	WEB COMMERCE COMMUNI

DNS Resolutions

Date	IP Address
2019-06-21	174.128.255.236 (ClassC)
2019-06-25	174.128.255.245 (ClassC)
2019-07-12	174.128.255.232 (ClassC)
2019-08-16	174.128.255.254 (ClassC)
2019-08-21	174.128.255.242 (ClassC)
2019-08-22	174.128.255.231 (ClassC)
2019-08-31	174.128.255.237 (ClassC)
2019-11-26	174.128.255.252 (ClassC)
2025-08-06	0.0.0.0 (ClassC)

HTTP/1.1 200 OKServer: nginxDate: Thu, 20 Jun 2019 20:59:29 GMTContent-Type: text/htmlContent-Length: 3854Last-Modified: Wed, 04 Nov 2015 21:47:28 GMTConnection: keep-aliveVary: Accept-EncodingETag: 5

!DOCTYPE html>html>head>meta charsetutf-8 />meta http-equivX-UA-Compatible contentIEEdge,chrome1 />title>很抱歉，您访问的花生壳动态域名不在线，请稍后再尝试访问！/title>link hrefimg/style.css typetext/css relstylesheet />script>location.assign(http://offline-adv.oray.com/?host + location.host);/script>script>  (function(i,s,o,g,r,a,m){iGoogleAnalyticsObjectr;irir||function(){  (ir.qir.q||).push(arguments)},ir.l1*new Date();as.createElement(o),  ms.getElementsByTagName(o)0;a.async1;a.srcg;m.parentNode.insertBefore(a,m)  })(window,document,script,//www.google-analytics.com/analytics.js,ga);  ga(create, UA-42330484-1, auto);  ga(send, pageview);/script>/head>body>div classheader-wrapper>    div classheader>        div classlogo>a hrefhttp://www.oray.com/jump/44063>img srcimg/ph_logo.png >/a>/div>        div classext>很抱歉，您访问的a href http://www.oray.com/jump/43573 target_blank classred>花生壳动态域名/a>span iddomain>/span>不在线，请稍后再尝试访问！/div>    /div>/div>div classcontainer>	ul classclear pic>    	li>a hrefhttp://www.oray.com/jump/43772 target_blank>img src./img/pic_10.jpg border0 />/a>/li>    	li idpic-sl>/li>    	li>a hrefhttp://www.oray.com/jump/44058 target_blank>img src./img/pic_04.jpg border0 />/a>/li>    /ul>        div idad-wrapper classadpic clear styleheight: 520px>    /div>    script typetext/javascript languageJavaScript>	pic  new Array(4);	pic0  a hrefhttp://www.oray.com/jump/44101 target_blank>img src./img/pic_sl-01.png border0 />/a>;	pic1  a hrefhttp://www.oray.com/jump/44102 target_blank>img src./img/pic_sl-02.png border0 />/a>;	pic2  a hrefhttp://www.oray.com/jump/44103 target_blank>img src./img/pic_sl-03.png border0 />/a>;	pic3  a hrefhttp://www.oray.com/jump/44104 target_blank>img src./img/pic_sl-04.png border0 />/a>;	index  Math.floor(Math.random() * pic.length);	document.getElementById(pic-sl).innerHTML  picindex;		document.title  很抱歉，您访问的花生壳动态域名 + location.host + 不在线，请稍后再尝试�

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

MD5	A/V
c4b99c1933aa0d851999a46762352f66	[Backdoor.Zegost.AD4] [Backdoor.Bot] [Trojan.Win32.Magania.bbuqib] [Kryptik.DAW] [TSPY_ZEGOST_BL132D05.TOMC] [Suspicious!SA] [Trojan.Win32.A.PSW-Magania.599040] [Backdoor.Win32.Zegost.ADJ] [Trojan.PWS.Wsgame.34325] [BDS/Zegost.adj] [Heuristic.LooksLike.Win32.SuspiciousPE.J] [Troj/Zegost-BL] [Trojan/PSW.Magania.bioj] [Win32.Hack.Gnail.z.(kcloud)] [Backdoor:Win32/Zegost.AD] [Trojan/Win32.Magania] [BScope.P2P-Worm.Palevo] [PE:Backdoor.Win32.Gnail.z!1075351296] [Backdoor.Win32.Zegost] [W32/Farfli.NO!tr]

Domain > by4cq.vicp.cc

Is this malicious?

Files that talk to by4cq.vicp.cc

Whois

DNS Resolutions

Port 80