Domain > game4.down.sandai.net | Threatcrowd.org Open Source Threat Intelligence

More information on this domain is in AlienVault OTX

Is this malicious?

Files that talk to game4.down.sandai.net

MD5	A/V
7c6722e3d52a578a080ac35de81c2e8e	[W32/Trojan.UYFU-9205W32/Backdoor.KWBJ-4867] [BDS/Plugx.A.68] [Backdoor.Plugx] [Trojan.DownLoader7.28550] [Win32/Korplug.DGWin32/Korplug.AWin32/Korplug.BJ] [Backdoor.Win32.Gulpix.aBackdoor.Win32.Gulpix.cr*Backdoor.Win32.Gulpix.cq] [TROJ_PLUGX.SMO]
4e432ad824484d5d22a2f2198a1f046d	[Backdoor.Plugx] [Backdoor.Bot] [Backdoor] [Backdoor.Korplug] [Win32.Trojan] [Backdoor.Win32.Gulpix.a] [Trojan.DownLoader7.27671] [BDS/Plugx.A.71] [TROJ_PLUGX.SMO] [Win32.Troj.Undef.(kcloud)] [Backdoor:Win32/Plugx.A] [Backdoor/Win32.Gulpix] [Backdoor.Win32.RA-based] [W32/RA_based.BZ!tr.bdr] [Trj/CI.A]
fe128688737d6633fe6f3afaa2812f11	[W32/Backdoor.KWBJ-4867W32/Trojan.UYFU-9205] [BDS/RABased.bz] [Win.Trojan.PlugX-71] [BackDoor.Spy.1955] [Win32/Korplug.BJWin32/Korplug.A] [W32/Gulpix.CQ!tr.bdr] [Backdoor.Korplug] [TROJ_PLUGX.SMO]
8a4ca8e69718f30d8c4d03296228153a
b39b15e19c999636338d3e131e321a45

Whois

Property	Value
Email	wkn@sandai.net
NameServer	NS2.XUNLEI.NET
Created	2003-01-27 00:00:00
Changed	2013-08-01 00:00:00
Expires	2017-01-27 00:00:00
Registrar	HICHINA ZHICHENG TEC

DNS Resolutions

Date	IP Address
2013-04-01	61.137.191.74 (ClassC)
2013-04-01	119.188.11.1 (ClassC)
2013-04-01	61.137.191.72 (ClassC)
2013-04-30	119.188.94.179 (ClassC)
2013-07-21	119.188.94.179 (ClassC)
2013-08-16	61.54.12.151 (ClassC)
2013-09-10	122.143.5.55 (ClassC)
2013-09-12	122.143.5.58 (ClassC)
2013-09-12	122.143.1.163 (ClassC)
2013-09-21	122.143.5.90 (ClassC)
2013-09-21	122.143.1.164 (ClassC)
2013-09-22	122.143.1.131 (ClassC)
2013-09-23	122.143.5.100 (ClassC)
2013-09-23	122.143.5.57 (ClassC)
2013-09-23	122.143.5.54 (ClassC)
2014-03-05	112.80.23.134 (ClassC)
2014-03-11	112.80.23.132 (ClassC)
2014-10-17	112.87.43.16 (ClassC)
2014-12-15	112.87.43.168 (ClassC)
2015-01-17	112.87.43.170 (ClassC)
2015-01-25	112.87.43.172 (ClassC)
2015-01-31	112.87.43.169 (ClassC)
2015-02-10	112.87.43.173 (ClassC)
2015-02-13	112.87.43.171 (ClassC)
2015-05-26	112.87.43.8 (ClassC)
2016-10-10	122.143.5.115 (ClassC)
2016-10-22	122.143.5.116 (ClassC)
2019-03-10	182.118.18.122 (ClassC)
2019-03-11	122.193.41.43 (ClassC)
2019-03-11	122.143.5.46 (ClassC)
2019-11-02	153.35.132.238 (ClassC)
2020-03-17	49.7.55.164 (ClassC)
2025-08-09	106.8.130.190 (ClassC)

Subdomains

Date	Domain	IP
twin14528vm6.sandai.net	2015-02-11	111.161.125.232
lb1.c0367.sandai.net	2014-01-14	58.251.57.175
lb1.c04028.sandai.net	2014-09-16	163.177.79.253
sr.m.hub.sandai.net	2024-07-29	116.132.223.136
idx.m.hub.sandai.net	2025-05-16	112.64.218.154
cncidx.m.hub.sandai.net	2024-07-27	112.64.218.40
master.hub.sandai.net	2019-08-08	112.87.43.227
cdn.vabs.hub.sandai.net	2023-12-04	222.73.33.248
m.v6.shub.sandai.net	2025-03-25	112.64.218.40
cnc.m.v6.shub.sandai.net	2025-05-18	112.64.218.154
hub5btmain.v6.shub.sandai.net	2024-07-13	116.132.218.191
hub5sr.v6.shub.sandai.net	2024-10-02	112.64.218.40
hub5emu.v6.shub.sandai.net	2025-03-10	112.64.218.154
hub5idx.v6.shub.sandai.net	2024-06-16	116.132.223.136
hub5sr.shub.sandai.net	2015-03-24	123.129.242.139
hub5idx.shub.sandai.net	2014-04-30	123.129.242.139
hub5c.sandai.net	2024-06-29	112.64.218.64
down-hezi.sandai.net	2025-06-05	111.6.201.146
hub5btmain.em.sandai.net	2013-11-05	123.129.242.139
tel.hub5btmain.em.sandai.net	2025-06-27	180.163.202.31
hub5pn.em.sandai.net	2024-06-13	58.144.251.1
hub5sr.em.sandai.net	2025-07-07	180.163.203.6
cnc.hub5sr.em.sandai.net	2025-07-06	180.163.203.6
tel.hub5sr.em.sandai.net	2025-07-04	180.163.203.6
hub5u.em.sandai.net	2025-06-18	47.102.130.81
hub5emu.em.sandai.net	2025-07-09	180.163.203.6
hub5btmain.sandai.net	2015-02-15	123.129.242.139
hub5c.maxthon.sandai.net	2024-07-30	116.132.223.136
hub5t.maxthon.sandai.net	2025-04-29	112.64.218.40
hub5u.maxthon.sandai.net	2025-04-19	47.102.130.81
hub5c.union.sandai.net	2024-08-15	112.64.218.40
ftp.union.sandai.net	2024-04-25	61.160.227.237
hub5t.union.sandai.net	2024-06-02	112.64.218.64
hub5u.union.sandai.net	2025-07-05	47.92.164.165
hub5pn.sandai.net	2014-09-30	182.118.14.152
g1.hub5pn.sandai.net	2024-06-13	58.144.251.1
g2.hub5pn.sandai.net	2024-07-04	123.6.27.49
g3.hub5pn.sandai.net	2024-05-19	123.6.27.16
xzb.hub5pn.sandai.net	2024-04-08	111.206.4.164
cnc.hub5pn.sandai.net	2024-09-24	111.206.4.176
g1.cnc.hub5pn.sandai.net	2025-01-14	111.206.4.177
g2.cnc.hub5pn.sandai.net	2024-07-29	111.206.4.195
g3.cnc.hub5pn.sandai.net	2024-06-28	111.206.4.195
down.sandai.net	2014-02-04	112.80.23.153
game3.down.sandai.net	2025-07-20	106.8.130.190
game4.down.sandai.net	2014-03-11	112.80.23.132
mac.down.sandai.net	2024-06-13	180.163.207.107
upgrade.down.sandai.net	2024-10-15	180.97.147.12
patch.down.sandai.net	2024-07-04	180.163.145.201
m.down.sandai.net	2014-01-29	58.222.24.240
com.down.sandai.net	2023-11-30	101.226.26.218
xmp.down.sandai.net	2014-02-06	112.80.23.131
down.co.sandai.net	2014-02-14	112.80.23.160
xmp.down.co.sandai.net	2015-02-11	112.87.43.16
hub5btmain.wap.sandai.net	2025-05-17	112.64.218.154
hub5pn.wap.sandai.net	2024-04-17	211.91.242.37
hub5sr.wap.sandai.net	2024-06-16	116.132.223.136
hub5u.wap.sandai.net	2025-06-15	47.102.130.81
hub5emu.wap.sandai.net	2024-07-30	112.64.218.64
sub.xmp.sandai.net	2025-05-31	106.14.221.44
hub5pr.sandai.net	2025-07-02	140.206.220.33
hub5sr.sandai.net	2013-09-03	123.129.242.139
cnchub5sr.sandai.net	2019-10-25	112.87.43.227
hub4t.sandai.net	2024-06-29	112.64.218.154
hub5t.sandai.net	2014-09-30	123.129.242.139
hub5u.sandai.net	2025-06-21	47.102.130.81
cnchub5u.sandai.net	2025-05-19	116.128.216.220
bgphub5u.sandai.net	2025-05-12	47.92.164.165
hub5emu.sandai.net	2015-05-13	123.129.242.139
02.rcv.sandai.net	2014-11-14	119.189.1.39
www.sandai.net	2025-07-25	112.124.227.84
score.phub.hz.sandai.net	2014-11-06	163.177.79.152
relay.phub.hz.sandai.net	2014-11-06	58.254.134.245
hub5sr.shub.hz.sandai.net	2024-06-16	112.64.218.40
hub5idx.shub.hz.sandai.net	2024-11-07	112.64.218.40
hub5c.hz.sandai.net	2014-11-06	123.129.242.140
hub5pnc.hz.sandai.net	2014-11-06	119.188.108.56
hub5pn.hz.sandai.net	2019-10-14	118.212.146.21
pmap.hz.sandai.net	2014-11-06	122.143.5.59
hub5pr.hz.sandai.net	2019-06-10	119.188.108.13
imhub5pr.hz.sandai.net	2019-08-15	121.9.209.150
hub5sr.hz.sandai.net	2019-08-07	112.87.43.227
hubstat.hz.sandai.net	2014-11-06	123.129.242.154
hub5u.hz.sandai.net	2014-11-06	58.254.134.201

View on OTX | View on ThreatMiner