Domain > ggteam2024.gnway.cc

More information on this domain is in AlienVault OTX

Files that talk to ggteam2024.gnway.cc

MD5	A/V
2856cfce8248daaa88cda8c79d8394f4	[Backdoor.Zegost] [Backdoor.Win32.Zegost.msxts] [Trojan.Win32.Delf] [W32/Threat-SysVenFak-based!Maxi] [W32/Threat-SysVenFak-based!Maxi] [W32/Delf.QKO!tr] [Luhe.Packed.AP] [Win32/Delf.QKO] [Trojan.Cap148315.jjkh]
302223cb4d0052ea95ca1619584773c0	[Trojan.DownLoader11.27420] [Luhe.Packed.AP] [Win32/Delf.QKO] [Backdoor.Farfli.Win32.727] [Trojan.Win32.Delf] [Trojan.Skeeyah.ra] [W32/Threat-SysVenFak-based!Maxi] [W32/Injector.NTS!tr] [Trojan.VB] [Trojan.VB.corj.qrio] [Trojan*Win32/Skeeyah.A!rfn] [W32/Threat-SysVenFak-based!Maxi]
7c9d985ba5a698e44f80f0bfde3658cc	[Trojan.VB.corj.qrio] [Win32/Delf.QKO] [Luhe.Packed.AP] [W32/Injector.NTS!tr] [W32/Threat-SysVenFak-based!Maxi] [W32/Threat-SysVenFak-based!Maxi] [Trojan.Win32.Delf] [Backdoor.Farfli.Win32.727] [Trojan.VB] [Trojan.DownLoader11.27420]
240343da319f3cb56e5ad7587d3468a5	[Trojan.VB.corj.qrio] [Win32/Delf.QKO] [Luhe.Packed.AP] [W32/Injector.NTS!tr] [Trojan*Win32/Dynamer!ac] [W32/Threat-SysVenFak-based!Maxi] [W32/Threat-SysVenFak-based!Maxi] [Trojan.Win32.Delf] [Backdoor.Farfli.Win32.727] [Trojan.VB] [Trojan.DownLoader11.27420]
8a82d0df3cdfbcae2a38b70c37fa6a53	[Trojan.DownLoader11.27420] [Trojan.VB] [Backdoor.Farfli.Win32.727] [Trojan.Win32.Delf] [W32/Threat-SysVenFak-based!Maxi] [W32/Threat-SysVenFak-based!Maxi] [Trojan*Win32/Skeeyah.A!rfn] [W32/Delf.QKO!tr] [Luhe.Packed.AP] [Win32/Delf.QKO] [Trojan.VB.corj.qrio]
1c6fa0b1b72bfd46cf1a27fcae0873ab	[Win32/Remex.ZAZQ!suspicious] [Trojan.DownLoader11.27420] [Trojan.VB] [Backdoor.Farfli.Win32.727] [Trojan.Win32.Delf] [W32/Threat-SysVenFak-based!Maxi] [W32/Threat-SysVenFak-based!Maxi] [Trojan*Win32/Skeeyah.A!rfn] [W32/Injector.NTS!tr] [Luhe.Packed.AP] [Win32/Delf.QKO] [Trojan.VB.corj.qrio]

Whois

Property	Value
Email	gnway@gnway.com
NameServer	NS1.GNWAY.COM
Created	2013-03-30 00:18:47
Changed	2014-12-01 08:19:04
Registrar	XIN NET TECHNOLOGY C

DNS Resolutions

Date	IP Address
2014-08-14	174.139.217.151 (ClassC)
2014-09-28	103.224.248.227 (ClassC)
2015-05-07	122.10.93.136 (ClassC)
2022-11-07	11.23.33.44 (ClassC)
2025-12-06	47.88.148.135 (ClassC)

Port 80

HTTP/1.1 200 OKDate: Sat, 02 Dec 2023 14:45:45 GMTServer: Apache/2.4.4 (Unix) OpenSSL/1.0.0-fips PHP/5.4.13X-Powered-By: PHP/5.4.13Content-Length: 4844Content-Type: text/html

!DOCTYPE html PUBLIC -//W3C//DTD XHTML 1.0 Transitional//EN http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd>html xmlnshttp://www.w3.org/1999/xhtml>head>meta http-equivContent-Type contenttext/html; charsetgb2312 />title>��̬��������������������/title>style typetext/css>body, div, dl, dt, dd, ul, ol, li, h1, h2, h3, h4, h5, h6, pre, form, fieldset, input, textarea, p, blockquote, th, td { margin:0; padding:0; }.dtym_center{ width:960px; margin:0 auto; background:url(http://images.gnvip.net/images/dtym_bg.jpg) repeat-x;  height:570px; padding-top:20px; padding-left:0px;}.dtym_img{ padding-left:60px; }.dtym_title_1{ background:url(http://images.gnvip.net/images/dtym_mian_1.jpg) no-repeat; width:692px; height:156px; margin:0 auto;}.dtym_title_2{ background:url(http://images.gnvip.net/images/dtym_mian_2.jpg) no-repeat; width:512px; height:189px; margin:0 auto;  padding:0px 70px 0px 110px; text-align:justify; }.dtym_title_1 h1{ line-height:20px; font-size:16px; color:#000; font-family:΢���ź�; padding-left:200px; padding-top:110px;}.gHeight{ width:40px; height:40px;}.dtym_title_2 h1{ line-height:30px; font-size:12px; color:#000; font-family:΢���ź�; width:500px; font-weight:100; text-align:justify; padding-left:30px; display:inline;}.broadband_footer{width: 100%;height: 414px;background: #212832;padding-top: 85px;}.foot_title{font-size: 12px;color: #556476;line-height: 20px;text-align: center;}/style>/head>script languagejavascript typetext/javascript srchttp://www.gnway.com/js/JQuery-1.4.2/jquery-1.4.2.min.js>/script>script languagejavascript typetext/javascript srchttp://www.gnway.com/js/JTongfu-1.0.0/jtongfu.jq.js>/script>script typetext/javascript>$(function(){var domainName  ggteam2024.gnway.cc;var str  ;var is_vip  ;	if(str){		///�Ѿ�����		document.getElementById(msgM).innerHTML ���ã���ʹ�õĽ���ά��̬�������������Ѿ����ڣ�br>Ϊ��Ӱ�����Ĺ�������a hrefhttp://www.gnway.com/user/gnhostVIP.php?type+is_vip+>���/a>����;		document.getElementById(msg2).innerHTML h1>a hrefhttp://www.gnway.com target_blank>���

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

Domain > ggteam2024.gnway.cc

Is this malicious?

Files that talk to ggteam2024.gnway.cc

Whois

DNS Resolutions

Port 80