Domain > ip.aa2.cn

More information on this domain is in AlienVault OTX

Files that talk to ip.aa2.cn

MD5	A/V
1a9a5ff3ccc19f703603d835d719e8a9	[Trojan/Kryptik.ddgl] [Trojan.Vehidis!] [W32/S-fd0b39e8!Eldorado] [PE:Backdoor.Win32.Zegost.av!1075357568] [UnclassifiedMalware] [BackDoor.Spy.2743] [Trojan.Vehidis.Win32.743] [W32/S-fd0b39e8!Eldorado] [Backdoor/Farfli.mt] [W32/Kryptik.DDGL!tr] [Trojan/Win32.Vehidis] [Trojan.Mikey.D2AE0] [Backdoor/Win32.Zegost] [Backdoor:Win32/Zegost!rfn] [Backdoor.Farfli] [Adware.Win32.iBryte.DMDY] [Trojan-GameThief.Win32.Magania] [Crypt4.JLP]
19c53067a4d499c0b8e8c6d68d2f9b00
7190a0f05ba934b0b92c9eabb79866ac
0adf5f12490a1728df0596752e4bb14f
b1d80f047178f7d9e57738a8d0023c41
03b96fe6cfac73838920bb72cc0fae1b
710dd32389cb3bb467157542684795eb
06d0f2273cc19cbec623821edca064ea
b13c77d94982e88819fa5c910a05377e	[BackDoor.Spy.2743] [Win32/Kryptik.DDGL] [W32/Kryptik.DDGL!tr] [Crypt4.JLP] [Trojan-GameThief.Win32.Magania] [Trojan.Win32.Vehidis.bsk] [Backdoor*Win32/Zegost!rfn] [Trojan.Vehidis.vix.pbxv] [Trojan.Vehidis]
1bb7e16ea8d8fb317cc91fa10910a309	[Trojan.Vehidis.r4] [BackDoor.Spy.2743] [Win32/Kryptik.DDGL] [W32/Kryptik.DDGL!tr] [Crypt4.JLP] [Trojan-GameThief.Win32.Magania] [Trojan.Win32.Vehidis.vlw] [Backdoor*Win32/Zegost!rfn] [Trojan.Vehidis.vix.pbxv] [Trojan.Vehidis]
9574457395cd3da73b5ecc0f05047bf1	[W32/S-fd0b39e8!Eldorado] [BackDoor.Spy.2743] [Win32/Kryptik.DDGL] [W32/Kryptik.DDGL!tr] [Crypt4.JLP] [Trojan-GameThief.Win32.Magania] [Backdoor*Win32/Zegost!rfn] [Trojan.Vehidis.vix.pbxv] [Trojan.Vehidis]
c8f97ccfa012045ce64e76270bb98a04	[Backdoor.Win32.Zegost.av] [BackDoor.Spy.2743] [Backdoor.Farfli] [Trojan.Vehidis.08576] [Trojan.Vehidis.Win32.743] [Trojan-GameThief.Win32.Magania] [W32/S-fd0b39e8!Eldorado] [Backdoor*Win32/Zegost!rfn] [W32/Kryptik.DDGL!tr] [Crypt4.JLP] [Win32/Kryptik.DMDY] [Trojan.Vehidis.vix.pbxv]
17295e77d01991c1921017c529562a51	[BackDoor.Spy.2743] [Trojan.Vehidis.Win32.743] [BKDR_ZEGOST.DFA] [Crypt4.JLP] [Trojan-GameThief.Win32.Magania] [Backdoor.Farfli] [Trojan.Vehidis.vix.pbxv] [W32/Kryptik.DDGL!tr] [W32/S-fd0b39e8!Eldorado] [Downloader.Upatre] [Win32/Kryptik.DMDY] [Backdoor.Win32.Zegost.av] [Trojan.Vehidis.08576] [Backdoor*Win32/Zegost!rfn]
c56e3aa9156f509eec2a315e11467903	[Backdoor.Win32.Zegost.av] [Trojan.Vehidis.vix.pbxv] [Win32/Kryptik.DMDY] [Crypt4.JLP] [Backdoor.Trojan] [W32/Kryptik.DDGL!tr] [Backdoor*Win32/Zegost!rfn] [W32/Trojan.RLZR-2457] [Trojan-GameThief.Win32.Magania] [Trojan.Vehidis.Win32.743] [Backdoor.Zegost.r4] [Backdoor.Farfli] [BackDoor.Spy.2743]
2365e95add3444a839db046a20c09da5	[Backdoor.Win32.Zegost.av] [Trojan.Vehidis.vix.pbxv] [Win32/Kryptik.DMDY] [Crypt4.JLP] [W32/Kryptik.DDGL!tr] [Backdoor*Win32/Zegost!rfn] [W32/S-fd0b39e8!Eldorado] [Trojan-GameThief.Win32.Magania] [Trojan.Vehidis.Win32.743] [Backdoor.Farfli] [BackDoor.Spy.2743]
018cb20edc17a88fdeff5ca7a4911566	[Backdoor.Win32.Zegost.av] [BackDoor.Spy.2743] [W32/Kryptik.DDGL!tr] [Backdoor.Farfli] [Trojan-GameThief.Win32.Magania] [Trojan.Vehidis.vix.pbxv] [W32/S-fd0b39e8!Eldorado] [Win32/Kryptik.DMDY] [Trojan.Vehidis.Win32.743] [Crypt4.JLP] [Backdoor*Win32/Zegost!rfn]
3a310d6f6bb077f1e40e34e14d298ee2
4350cdc38b82af7580c9cb67ebe1cf76
f9290aff082f69fcfb6834a476854e38
3e302240d352fe2a69cd416d8dee01dd

Whois

Property	Value
Organization	黄鹏
Email	altxxg@163.com
NameServer	f1g1ns2.dnspod.net

DNS Resolutions

Date	IP Address
2014-08-10	115.231.84.94 (ClassC)
2014-08-13	218.92.226.80 (ClassC)
2015-02-12	218.92.226.42 (ClassC)
2015-02-16	61.153.104.232 (ClassC)
2015-03-26	58.216.25.33 (ClassC)
2015-04-12	27.221.23.222 (ClassC)
2015-04-22	119.147.227.139 (ClassC)
2015-05-07	112.90.51.173 (ClassC)
2015-05-07	61.240.150.11 (ClassC)
2015-05-07	222.161.220.33 (ClassC)
2015-08-09	119.29.31.99 (ClassC)
2015-08-27	119.29.118.14 (ClassC)
2015-09-11	183.131.85.221 (ClassC)
2015-10-15	122.114.94.191 (ClassC)
2015-10-27	222.186.58.144 (ClassC)
2015-11-12	203.195.174.215 (ClassC)
2015-12-24	119.57.196.112 (ClassC)
2016-01-01	120.52.113.28 (ClassC)
2016-01-26	183.232.29.143 (ClassC)
2016-03-24	115.231.110.77 (ClassC)
2016-03-30	183.232.29.158 (ClassC)
2016-04-05	115.231.103.92 (ClassC)
2016-04-10	118.192.150.112 (ClassC)
2016-06-27	118.192.151.183 (ClassC)
2017-05-12	139.199.85.59 (ClassC)
2017-05-25	43.248.102.137 (ClassC)
2017-09-01	103.45.12.197 (ClassC)
2017-10-19	69.197.156.68 (ClassC)
2018-05-25	103.45.100.102 (ClassC)
2018-09-22	43.226.34.202 (ClassC)
2018-11-12	43.226.35.41 (ClassC)
2019-08-15	43.226.39.75 (ClassC)
2020-07-29	47.91.170.222 (ClassC)
2020-10-10	103.45.105.244 (ClassC)
2020-12-29	45.119.125.223 (ClassC)
2024-07-27	103.119.3.249 (ClassC)
2025-07-24	23.224.74.121 (ClassC)
2025-08-03	172.247.217.30 (ClassC)

HTTP/1.1 200 OKServer: TengineDate: Thu, 15 Aug 2019 19:51:31 GMTContent-Type: text/html; charsetutf-8Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingX-Powered-By: PHP/5.3.29Set-C

!DOCTYPE html PUBLIC -//W3C//DTD XHTML 1.0 Transitional//EN http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd>html xmlnshttp://www.w3.org/1999/xhtml>head>meta http-equivContent-Type contenttext/html; charsetutf-8 />title>IP反查域名/title>meta nameviewport contentwidthdevice-width, initial-scale1.0, minimum-scale1.0, maximum-scale1.0, user-scalableno>meta nameformat-detection contenttelephoneno>meta namerenderer contentwebkit>meta http-equivCache-Control contentno-siteapp>meta nameauthor contentIP反查域名 />meta namekeywords content同IP站点查询,ip反查域名,同IP服务器网站查询 />meta namedescription content功能强大的IP反查工具网站，通过IP地址查询同一IP的服务器上有哪些网站，及网站名称等 />link href/style/css.css relstylesheet typetext/css />link href/style/custom.css relstylesheet typetext/css />script src/js/jquery.min.js typetext/javascript>/script>script src/js/jquery.site.js typetext/javascript>/script>script src/js/node.js typetext/javascript>/script>script src/js/dialog.js typetext/javascript>/script>script typetext/javascript>$(document).ready(function(){	sitedir/;	});/script>/head>body>script src/style/jquery-ui.min.js typetext/javascript>/script>script typetext/javascript>   (function() {     if (!     /*@cc_on!@*/     0) return;     var e  abbr, article, aside, audio, canvas, datalist, details, dialog, fieldset, figure, footer, header, hgroup, mark, menu, meter, nav, output, progress, section, time, video.split(, );     var i e.length;     while (i--){         document.createElement(ei)     }})()/script>div classheader>div classrow topbar>    div classcontent>        div classg1024>            div classc12>a href/list.php target_blank classf_right>查询记录/a>a hrefhttp://www.aa2.cn title网站评估 >网站评估/a>/div>        /div>    /div>/div>div classg1024 head space-bot>    div classrow >	    div classc3 text-center>a href/>img src/skin/toolimage/logo.png width220px; height80 altAA2站长工具/>/a>/div>	    div classc9 max-hide

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

Domain > ip.aa2.cn

Is this malicious?

Files that talk to ip.aa2.cn

Whois

DNS Resolutions

Port 80