Domain > gtms04.alicdn.com

More information on this domain is in AlienVault OTX

Files that talk to gtms04.alicdn.com

MD5	A/V
d99e3c9ec38b228d4b0e33edb1a3d1f1	[UnclassifiedMalware] [Win32/Trojan.5a3]
25190c93399e76348671ddc3f3c92cd0	[W32.Clod55e.Trojan.1b32] [Backdoor.VB.jyc] [Backdoor.VB.Win32.7238] [Backdoor/VB.jyc] [Trojan.Win32.VB.gwlya] [W32/Backdoor2.GITN] [Backdoor.Win32.VB.jyc] [Backdoor.VB!K8mb9j4P4k8] [Backdoor.Win32.A.VB.311296.H] [Backdoor.Win32.VB.~O] [Trojan.Click3.5816] [BDS/VB.jyb] [Heuristic.BehavesLike.Win32.Suspicious-BAY.K] [Trojan[Backdoor]/Win32.VB] [Trojan:Win32/Provis!rts] [W32/Backdoor.XNIO-8368] [Trojan/Win32.Xema] [Trojan.VBRA.012924] [PE:Trojan.StartPage!1.6871] [Backdoor.Win32.VB] [W32/VB.JYC!tr.bdr] [BackDoor.VB.ICO] [Backdoor.Win32.VB.ab] [Win32/Backdoor.dd2]
886e1510a3fcdda160a3461965623501	[Artemis!88156F8F2748] [Trojan.FakeATI] [Infostealer.Limitail] [TROJ_GE.529FCC97] [Zip.Suspect.WinDoubleExtension-zippwd-2] [Backdoor.Win32.Androm.fcyl] [Win32.Trojan.Inject.Auto] [Troj/MSIL-AMR] [Trojan.PWS.Stealer.13025] [TR/Dropper.MSIL.87001] [Backdoor.Win32.Androm.AI] [MSIL/Spy.LimitLogger.A] [Trojan.Win32.Resetter] [MSIL5.ROY] [Trj/Chgt.H]
67b4b2433c45df797fd95cff59ddc733	[W32.Clod3d6.Trojan.426d] [Trojan/W32.Vilsel.204800.C] [Artemis!67B4B2433C45] [Trojan.Vilsel.Win32.7281] [Trojan/Vilsel.agqy] [Trojan.Win32.Vilsel.cwsdd] [Trojan.Win32.Vilsel.agqy] [Trojan.Vilsel!PEvXyqIpQ9A] [Trojan.Win32.Vilsel.204800] [UnclassifiedMalware] [Trojan.DownLoader4.57163] [Trojan/Vilsel.hre] [Trojan/Win32.Vilsel] [Win32.Troj.Vilsel.(kcloud)] [Trojan.Win32.Vilsel] [W32/Vilsel.AGQY!tr]
e682b625ae543d6b059baa49569954db	[HW32.Packed.4BA6] [Trojan.MicroJoiner.A] [Suspicious.MH690.A] [Downloader] [TROJ_MICROJOIN.W] [Trojan.Dropper-4960] [Trojan.Win32.Microjoin.jkzg] [TrojWare.Win32.TrojanDownloader.Tiny.~BU] [Trojan.Packed.1722] [Mal/Dropper-C] [TrojanDropper.Microjoin.acm] [Trojan:Win32/Bulta!rfn] [Virus.Win32.Heur.c] [Trojan-PWS.Win32.LdPinch] [W32/Dropper.MLTR!tr] [Dropper.Microjoin] [Win32/Trojan.ffd]
961c0ed105b1f4ade335051a3a1b0816
08e862628686a670faf5854daf29485b
87682693f4e2d6d6aa676e4270267d7b
6946a5584bf8fc445899ffc20767e744	[Artemis!6946A5584BF8] [Win32.Trojan.WisdomEyes.151026.9950.9986] [TROJ_RAZY.A] [Trojan.Win32.Razy.edogyd] [TROJ_RAZY.A] [BehavesLike.Win32.Cryptlore.th] [W32/Trojan.GFIA-0402] [TR/Razy.xulg] [Trojan.Razy.DF519] [Pakes2_c.CJJX] [Win32/Trojan.0d9]

Whois

Property	Value
Email	dnsadmin@hk.alibaba-inc.com
NameServer	NSHZ.ALIBABAONLINE.COM
Created	2008-06-25 00:00:00
Changed	2014-06-12 00:00:00
Expires	2016-06-25 00:00:00
Registrar	MARKMONITOR INC.

DNS Resolutions

Date	IP Address
2013-09-11	66.102.255.40 (ClassC)
2013-10-19	66.102.255.50 (ClassC)
2013-12-10	183.61.241.120 (ClassC)
2013-12-10	119.167.151.240 (ClassC)
2013-12-17	222.73.134.50 (ClassC)
2013-12-22	183.61.241.110 (ClassC)
2013-12-27	27.221.24.150 (ClassC)
2014-01-08	27.221.24.140 (ClassC)
2014-03-19	114.80.174.50 (ClassC)
2014-03-22	114.80.174.40 (ClassC)
2014-05-13	195.59.70.240 (ClassC)
2014-05-15	220.181.141.240 (ClassC)
2014-05-25	220.181.141.250 (ClassC)
2014-06-03	180.149.155.50 (ClassC)
2014-06-09	180.149.155.40 (ClassC)
2014-06-10	195.27.31.240 (ClassC)
2014-06-20	195.27.31.250 (ClassC)
2014-07-15	195.59.70.240 (ClassC)
2014-07-25	63.85.36.24 (ClassC)
2014-08-05	65.126.84.40 (ClassC)
2014-08-13	199.117.103.88 (ClassC)
2014-08-14	199.117.103.59 (ClassC)
2014-08-19	199.117.103.128 (ClassC)
2014-08-20	96.17.197.33 (ClassC)
2014-08-20	63.85.36.18 (ClassC)
2014-08-25	23.67.244.81 (ClassC)
2014-08-27	199.117.103.147 (ClassC)
2014-08-29	63.156.193.154 (ClassC)
2014-08-29	199.117.103.154 (ClassC)
2014-08-29	23.67.242.34 (ClassC)
2014-09-01	67.132.183.42 (ClassC)
2014-09-03	23.3.68.211 (ClassC)
2014-09-04	96.17.111.11 (ClassC)
2014-09-08	128.177.96.26 (ClassC)
2014-09-15	23.67.242.35 (ClassC)
2014-09-25	199.117.103.136 (ClassC)
2014-09-28	165.254.114.26 (ClassC)
2014-10-01	165.254.206.147 (ClassC)
2014-10-14	5.178.43.10 (ClassC)
2014-10-14	23.15.4.16 (ClassC)
2014-10-14	5.178.43.18 (ClassC)
2014-10-14	23.15.4.8 (ClassC)
2014-10-16	5.178.43.48 (ClassC)
2014-10-16	5.178.43.50 (ClassC)
2014-10-19	67.132.183.67 (ClassC)
2014-10-22	23.74.9.222 (ClassC)
2014-10-24	128.177.96.97 (ClassC)
2014-10-29	205.185.206.147 (ClassC)
2014-10-31	128.177.96.10 (ClassC)
2014-11-02	165.254.94.145 (ClassC)
2014-11-04	198.173.2.56 (ClassC)
2014-11-06	205.185.206.170 (ClassC)
2014-11-07	165.254.94.41 (ClassC)
2014-11-09	165.254.207.72 (ClassC)
2014-11-11	107.14.32.11 (ClassC)
2014-11-15	165.254.206.161 (ClassC)
2014-11-19	184.25.56.179 (ClassC)
2014-11-19	198.173.2.11 (ClassC)
2014-11-20	165.254.207.83 (ClassC)
2014-11-20	165.254.155.43 (ClassC)
2014-11-27	165.254.207.11 (ClassC)
2014-12-01	204.93.46.171 (ClassC)
2014-12-10	165.254.207.33 (ClassC)
2014-12-10	165.254.206.122 (ClassC)
2014-12-18	204.93.47.194 (ClassC)
2014-12-21	184.27.202.89 (ClassC)
2015-01-13	205.185.206.168 (ClassC)
2015-01-16	220.181.105.250 (ClassC)
2015-01-18	220.181.105.240 (ClassC)
2015-01-20	101.226.181.110 (ClassC)
2015-01-22	101.226.181.100 (ClassC)
2015-05-11	66.198.24.250 (ClassC)
2017-04-29	66.198.178.91 (ClassC)
2017-06-22	66.231.239.95 (ClassC)
2017-08-09	66.198.178.90 (ClassC)
2017-09-07	66.102.255.43 (ClassC)
2017-09-18	213.244.178.220 (ClassC)
2017-09-22	80.231.126.224 (ClassC)
2017-09-24	195.59.70.250 (ClassC)
2017-10-04	80.231.126.240 (ClassC)
2017-11-22	66.231.239.96 (ClassC)
2017-12-05	183.110.156.110 (ClassC)
2017-12-16	183.110.156.92 (ClassC)
2017-12-18	121.194.7.219 (ClassC)
2017-12-28	39.130.137.108 (ClassC)
2018-01-02	58.30.206.140 (ClassC)
2018-01-11	202.47.28.112 (ClassC)
2018-02-10	211.144.94.36 (ClassC)
2018-03-06	116.77.74.99 (ClassC)
2018-03-20	150.138.211.29 (ClassC)
2018-03-20	124.232.128.109 (ClassC)
2018-03-20	150.138.211.30 (ClassC)
2018-03-21	117.174.128.240 (ClassC)
2018-04-04	42.123.102.96 (ClassC)
2018-04-23	117.180.227.228 (ClassC)
2018-04-24	58.30.206.172 (ClassC)
2018-04-24	58.30.206.180 (ClassC)
2018-06-13	218.203.11.96 (ClassC)
2018-06-14	202.47.28.98 (ClassC)
2018-06-14	202.47.28.99 (ClassC)
2018-06-22	111.1.160.98 (ClassC)
2018-07-04	180.136.97.241 (ClassC)
2018-07-10	117.157.225.253 (ClassC)
2018-07-14	118.212.227.5 (ClassC)
2018-07-15	117.21.189.122 (ClassC)
2018-07-20	202.105.176.71 (ClassC)
2018-08-18	47.88.135.254 (ClassC)
2018-10-07	47.89.66.240 (ClassC)
2019-04-09	66.102.255.45 (ClassC)
2019-06-12	47.89.68.241 (ClassC)
2019-08-12	47.246.19.253 (ClassC)
2019-08-31	47.246.19.254 (ClassC)
2019-08-31	47.246.2.254 (ClassC)
2019-08-31	47.246.22.253 (ClassC)
2019-10-02	47.246.17.254 (ClassC)
2019-12-12	47.246.23.254 (ClassC)
2021-12-28	1.193.218.97 (ClassC)
2024-02-21	8.48.85.251 (ClassC)
2024-03-13	8.48.85.252 (ClassC)
2024-04-03	163.181.50.251 (ClassC)
2024-04-12	47.246.23.248 (ClassC)
2024-04-17	163.181.92.148 (ClassC)
2024-04-19	47.246.23.249 (ClassC)
2024-04-30	8.25.82.236 (ClassC)
2024-05-05	8.25.82.235 (ClassC)
2024-05-13	8.25.82.217 (ClassC)
2025-01-29	47.246.23.250 (ClassC)
2025-03-12	47.246.23.251 (ClassC)
2025-04-08	8.25.82.193 (ClassC)
2025-06-14	47.246.20.173 (ClassC)
2025-07-14	47.246.23.188 (ClassC)
2025-08-10	47.246.23.187 (ClassC)

HTTP/1.1 200 OKServer: TengineContent-Type: image/jpegContent-Length: 42367Connection: keep-aliveDate: Tue, 13 Jun 2023 19:03:00 GMTlast-modified: Sat, 09 Jul 2022 22:02:42 GMTpicasso-ret-code: SUCCES

����JFIF��C	��C������	��M	!1AQaq��2���#BRb���$3Cr����c�	Ss����%4Dt����2!1AQ2aq#3��RB�$������?�ꠠ���2vJ�in��Xm&ω�n���@���@��F��R�}��#�~��7�^�Z.�6���LВ�+ �ܖ���(��� ^Y�𶂉�P�1 z�7�X��N���N���}�PG7u��$x�8�P�I����v�m��I�8e�����`�k��)���3��$���N�P�N�V�ä�*{d��(�(�(�(�(��%��w3�Ϭ��?��-´�Ӭ`�����Pz�h�/���5�j�Oҋ�}��Ts����s�vǁ��sL�Avg�F�Xq������XO�m��)�:,����({#�g��2:_G�c~���;��Xd��2:��Ѓ�P��(�(�(�(�mk���.���>��Hd�����58`m���g+�mŚe�-Yy@$����5�:�O��7p�ϻ�����l��h��7m�a��9�&�x$P�$nXy�6�Z�����������h�>����.������J��LTa��v�߭Q�9�ݽ�m�*�BK�1�ڵ�����k�~D`b�s3o�N:Td�i��I$~�U#�k�~t1Q糖^����?zk�m�|ȶ�&8$>��V�^�u��N�����^+����F}�#��I���z�دk�l�h�k�D{�B�?1�_O�7S��g�Y$T�����>�j�Qox?��c��e1j���Pz��xAݷ�����1�gi���pj6�ky/��6�,l�im�IύF�bK��ǜm��ݝ�����q،;��{x�ɱ�{�$��:�#���ɎO5�R,�LlFǡ��S��n���x�p�_��ay��������S��nv���㛘t^С��uYJ���9Xfbq�����s�j�rb��#�PPP�j���d:)�����U��a{��͎��JY���GƝ���p�;��y4��L��VA�s��V;���jD��Y���X�>��%9!�9C�3����t�kW>-N�ڀH������+,��:�������+�I���;��,��b-�����;�:�,a������n�:���w�Ks����Hs�q��G���{Ԡ�������Jv�ݗ�i{cp`կA��e8er7a���I+��i�K�d�W�i����brI�5���R���M�)Wlc��*��5���f�q,2�h��G)��FqZ�a��6������X������m�?:�I3�FF����A$�Q ��O���B��@@��%�Is�v�z�	�G-��s��T����#����4�٣�ԛ�wQ����e$y�>���I#�J�����9��o���fZ�w�j���洃�2�;�|H���{�̓��M-�K;�e���kY���o���ʒ&C�7桑�U�w1��U+ˍ�C��#&��̘yT(F`9s�ۓ�T&��Ɏ}>�R�Ni��	�3�0�#MGO�Շ&�߃��_�f�6�s����VI����f��?�H�����7��g��ʣs�8���V��k|2b� (�(�`v�ڞ��k��$�lL6��n �_E%��x�)d�x�W� �׸��mCQ�l��vQ��:*��GJ��f�˚U}w����7�@B��m$�Ƒ�LC���zf�K��C���)`�{	��H�obzyaᴺ��~�Gc$m̸��0(�o뽖q}�����ds��H-���#��I��ǫ�ƺO�Ֆ��Es������-y0�CY�:�@@@@@@@pW���^mk��Tc�ko%è;e���>�

Port 443

Subdomains

Date	Domain	IP
g20.alicdn.com	2023-10-04	47.246.24.251
akamaissl0.alicdn.com	2024-06-13	58.218.215.159
sc01.alicdn.com	2023-08-04	184.28.50.49
ae01.alicdn.com	2023-08-15	23.75.208.45
gwl01.alicdn.com	2024-11-25	8.38.121.229
sm01.alicdn.com	2023-10-16	8.45.52.251
atms01.alicdn.com	2015-01-27	23.74.9.223
gtms01.alicdn.com	2014-10-14	23.15.4.16
cbu01.alicdn.com	2015-04-29	222.73.134.40
o201411.alicdn.com	2025-01-07	8.38.121.230
a1.alicdn.com	2021-07-27	47.246.23.253
hdc1.alicdn.com	2014-08-18	195.27.31.240
gd1.alicdn.com	2014-08-19	195.27.31.240
yqfile1.alicdn.com	2024-04-12	163.181.56.244
g-search1.alicdn.com	2015-04-02	101.226.178.100
g.search1.alicdn.com	2013-10-13	66.102.255.40
gaitaobao1.alicdn.com	2014-06-03	195.27.31.240
gshop1.alicdn.com	2014-07-30	134.159.210.110
gdsns1.alicdn.com	2025-07-28	140.205.122.66
gdt1.alicdn.com	2024-04-04	163.181.56.244
gsctst1.alicdn.com	2025-03-08	8.25.82.193
gju1.alicdn.com	2015-07-29	66.102.255.50
gw1.alicdn.com	2013-11-05	66.102.255.50
sc02.alicdn.com	2023-10-27	23.38.191.9
ae02.alicdn.com	2023-08-15	23.54.19.89

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]