Domain > ip.cn

Welcome! Right click nodes and scroll the mouse to navigate the graph.

More information on this domain is in AlienVault OTX

Whois

Property	Value
Organization	陈寿福
Email	soff@soff.net
NameServer	lv3ns2.ffdns.net
Created	2003-03-17 12:20:05
Expires	2021-03-17 12:48:36

DNS Resolutions

Date	IP Address
2012-05-12	96.44.169.117 (ClassC)
2013-04-01	216.157.85.151 (ClassC)
2014-02-14	116.251.221.234 (ClassC)
2015-01-20	211.155.86.186 (ClassC)
2015-02-09	42.159.159.175 (ClassC)
2015-02-18	119.254.103.120 (ClassC)
2015-05-17	104.31.228.6 (ClassC)
2015-06-03	122.70.134.43 (ClassC)
2015-06-04	125.39.5.21 (ClassC)
2015-06-30	103.249.252.15 (ClassC)
2015-07-06	42.62.73.70 (ClassC)
2015-07-18	42.62.73.25 (ClassC)
2015-07-27	117.27.251.131 (ClassC)
2015-10-08	119.254.211.85 (ClassC)
2015-12-02	115.182.75.72 (ClassC)
2016-03-03	115.182.75.88 (ClassC)
2016-03-29	123.206.53.84 (ClassC)
2016-03-30	192.3.207.91 (ClassC)
2016-06-27	118.184.180.46 (ClassC)
2016-06-28	118.184.180.47 (ClassC)
2018-02-26	23.239.1.72 (ClassC)
2018-02-28	104.16.25.100 (ClassC)
2019-07-01	104.16.25.88 (ClassC)
2019-07-01	198.41.215.88 (ClassC)
2019-07-01	104.16.24.88 (ClassC)
2019-07-01	198.41.214.88 (ClassC)
2019-10-16	198.41.214.99 (ClassC)
2019-10-16	104.16.25.99 (ClassC)
2019-10-16	198.41.215.99 (ClassC)
2019-10-16	104.16.24.99 (ClassC)
2023-07-16	104.21.56.92 (ClassC)
2023-08-06	104.21.27.77 (ClassC)
2023-08-13	172.67.169.16 (ClassC)
2023-08-23	172.64.194.30 (ClassC)
2023-08-27	172.64.131.23 (ClassC)
2024-12-18	104.21.64.12 (ClassC)
2025-01-01	172.67.174.23 (ClassC)

HTTP/1.1 403 ForbiddenDate: Thu, 17 Oct 2019 12:31:27 GMTContent-Type: text/html; charsetUTF-8Transfer-Encoding: chunkedConnection: keep-aliveSet-Cookie: __cfduidd91576c529fd38a26c394f7fa75b557b715713

!DOCTYPE html>!--if lt IE 7> html classno-js ie6 oldie langen-US> !endif-->!--if IE 7>    html classno-js ie7 oldie langen-US> !endif-->!--if IE 8>    html classno-js ie8 oldie langen-US> !endif-->!--if gt IE 8>!--> html classno-js langen-US> !--!endif-->head>title>Access denied | ip.cn used Cloudflare to restrict access/title>meta charsetUTF-8 />meta http-equivContent-Type contenttext/html; charsetUTF-8 />meta http-equivX-UA-Compatible contentIEEdge,chrome1 />meta namerobots contentnoindex, nofollow />meta nameviewport contentwidthdevice-width,initial-scale1,maximum-scale1 />link relstylesheet idcf_styles-css href/cdn-cgi/styles/cf.errors.css typetext/css mediascreen,projection />!--if lt IE 9>link relstylesheet idcf_styles-ie-css href/cdn-cgi/styles/cf.errors.ie.css typetext/css mediascreen,projection />!endif-->style typetext/css>body{margin:0;padding:0}/style>!--if gte IE 10>!-->script typetext/javascript src/cdn-cgi/scripts/zepto.min.js>/script>!--!endif-->!--if gte IE 10>!-->script typetext/javascript src/cdn-cgi/scripts/cf.common.js>/script>!--!endif-->/head>body>  div idcf-wrapper>    div classcf-alert cf-alert-error cf-cookie-error idcookie-alert data-translateenable_cookies>Please enable cookies./div>    div idcf-error-details classcf-error-details-wrapper>      div classcf-wrapper cf-header cf-error-overview>        h1>          span classcf-error-type data-translateerror>Error/span>          span classcf-error-code>1020/span>          small classheading-ray-id>Ray ID: 52724a26ec2fe382 • 2019-10-17 12:31:27 UTC/small>        /h1>        h2 classcf-subheadline>Access denied/h2>      /div>!-- /.header -->      section>/section>!-- spacer -->      div classcf-section cf-wrapper>        div classcf-columns two>          div classcf-column>            h2 data-translatewhat_happened>What happened?/h2>            p>This website is using a security service to protect itself from online attacks./p>          /div>                  /div>      /div>!-- /.section -->      div classcf-error-footer cf-wrapper>

Port 443

!DOCTYPE html>!--if lt IE 7> html classno-js ie6 oldie langen-US> !endif-->!--if IE 7>    html classno-js ie7 oldie langen-US> !endif-->!--if IE 8>    html classno-js ie8 oldie langen-US> !endif-->!--if gt IE 8>!--> html classno-js langen-US> !--!endif-->head>title>Access denied | ip.cn used Cloudflare to restrict access/title>meta charsetUTF-8 />meta http-equivContent-Type contenttext/html; charsetUTF-8 />meta http-equivX-UA-Compatible contentIEEdge,chrome1 />meta namerobots contentnoindex, nofollow />meta nameviewport contentwidthdevice-width,initial-scale1,maximum-scale1 />link relstylesheet idcf_styles-css href/cdn-cgi/styles/cf.errors.css typetext/css mediascreen,projection />!--if lt IE 9>link relstylesheet idcf_styles-ie-css href/cdn-cgi/styles/cf.errors.ie.css typetext/css mediascreen,projection />!endif-->style typetext/css>body{margin:0;padding:0}/style>!--if gte IE 10>!-->script typetext/javascript src/cdn-cgi/scripts/zepto.min.js>/script>!--!endif-->!--if gte IE 10>!-->script typetext/javascript src/cdn-cgi/scripts/cf.common.js>/script>!--!endif-->/head>body>  div idcf-wrapper>    div classcf-alert cf-alert-error cf-cookie-error idcookie-alert data-translateenable_cookies>Please enable cookies./div>    div idcf-error-details classcf-error-details-wrapper>      div classcf-wrapper cf-header cf-error-overview>        h1>          span classcf-error-type data-translateerror>Error/span>          span classcf-error-code>1020/span>          small classheading-ray-id>Ray ID: 52724a274da1c99d • 2019-10-17 12:31:27 UTC/small>        /h1>        h2 classcf-subheadline>Access denied/h2>      /div>!-- /.header -->      section>/section>!-- spacer -->      div classcf-section cf-wrapper>        div classcf-columns two>          div classcf-column>            h2 data-translatewhat_happened>What happened?/h2>            p>This website is using a security service to protect itself from online attacks./p>          /div>                  /div>      /div>!-- /.section -->      div classcf-error-footer cf-wrapper>

Subdomains

Date	Domain	IP
dns.ip.cn	2024-11-28	172.67.174.23
www.ip.cn	2014-01-03	116.251.221.234
my.ip.cn	2024-10-27	104.21.64.12

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

MD5	A/V
4f7f2a586320a764f02ebbb701c8de1a
5f6df2c4c028d5e681ec8e0446447271	[HW32.Packed.F8EF] [Trojan.Zusy.D258F3] [WS.Reputation.1] [BehavesLike.Win32.Dropper.tc] [W32/Pidgeon-A] [W32/Trojan.IMLJ-7133] [W32/OnLineGames.AJN!tr] [Win32/Trojan.97a]
a7b6959e16af9c8469b629b38e43bda0	[HW32.Packed.8364] [Trojan.Startpage] [Spyware.OnlineGames] [Heur.AdvML.C] [Trojan.Win32.Pasta.aiwy] [Trojan.Win32.Pasta.efqrbv] [BackDoor.BlackHole.43509] [virtool.win32.ceeinject.gl] [BehavesLike.Win32.Downloader.vc] [Mal/VMProtBad-A] [W32/Trojan.LCVG-5782] [Trojan:Win32/Startpage.PVO!bit] [Trojan.Kazy.D1FC07] [Trojan/Win32.Pasta.N2084756769] [Artemis!A7B6959E16AF] [Trojan.Antavmu] [Win32.Trojan.Pasta.Lohq] [Trojan.Pasta!wPmYtmLamCo] [W32/FlyStudio_HackTool.A] [Win32/Blacked] [Trj/GdSda.A]

Domain > ip.cn

Is this malicious?

Files that talk to ip.cn

Whois

DNS Resolutions

Port 80

Port 443

Subdomains