Domain > ip138.com

More information on this domain is in AlienVault OTX

Files that talk to ip138.com

MD5	A/V
103fb011f51f48f47f3cb3c13027b56f	[Riskware/Qhost] [Spyware.OnlineGames]
dd2051e904df686c98c6058fc540e690
8d324e0949ae72820cbb0454645af647	[Artemis!8D324E0949AE] [W32/Trojan.CZYU-2749] [Downloader] [Trojan.Win32.Z.Zusy.1968640[h]] [UnclassifiedMalware] [BehavesLike.Win32.Dropper.th] [Trojan.Zusy.D2BA7C] [Trj/GdSda.A] [Win32.Adware.Downloader.Auto] [Atros3.AHBM]
29f338d6557d5ab0363b7c146beb331a	[Artemis!29F338D6557D] [Win32.Trojan.Graftor.Huzr] [BehavesLike.Win32.Downloader.th] [Trojan.Graftor.D3FEE9]
cec1bb832a1e07bc2a614a09fd34a4ec
cde2457ebc9427e6cde3b24d0c450f6c
d114c1e011e8c833bf0be14651bc8bb0
c4827fc11d8e50a4b758a5b206270d92
940e36f14c55992e8094f86a84b2bd1b	[W32/A-8128ee96!Eldorado] [Riskware/FlyStudio] [Win32/Heur] [Spyware.OnlineGames]
7ce833c66513a30c7749fd885ecafe48	[TR/Spy.Transmit.A.5] [Trojan.Pcclient-85] [FakeAlert.AD] [BackDoor-AWQ!fm] [Trojan*Win32/Conime.A]
f2fe00778fe7f6bc5b012d7957ff0c40	[Trojan.Downloader.Hicrazyk.A] [StartPage-NY] [PUP.Optional.Meinv] [Riskware.Nsis.Downloader.cwhxun] [Malware] [TrojanDownloader:Win32/Hicrazyk.A] [W32/StartPage.NY!tr]
07c115461f195d2872cb61d3820e4072	[Artemis!07C115461F19] [PUP.Optional.Meinv] [WS.Reputation.1] [Startpage.ITJD] [Trojan.Win32.A.Downloader.1085470] [UnclassifiedMalware] [TR/Dldr.Hicrazyk.A.4] [Heuristic.BehavesLike.Win32.Suspicious-PKR.S] [Troj/StartP-HV] [TrojanDownloader:Win32/Hicrazyk.A] [Trj/CI.A] [NSIS/TrojanDownloader.Grinidou.B] [PE:Trojan.Crypt!6.191F] [not-a-virus:Downloader.NSIS] [W32/StartPage.NY!tr] [SHeur4.ALHH] [Trojan.NSIS.Grinidou.B] [Win32/Trojan.Downloader.ca5]
a610c3bc444c8aba743d4f36dae0efaf	[BScope.Lipler.045]
32909c36c90a7db192750eb6a6740d4c	[Suspicious!SA] [Trojan-PWS.OnlineGames]
829ee56d095fee4cc545789d70ec64c3	[Win32.SuspectCrc] [Mal/GamePSW-C] [BScope.Trojan-Dropper.Injector]
3af8b42e2d87e8488da6ae3bda6f27dd	[Trojan.Downloader.Hicrazyk.A] [Artemis!3AF8B42E2D87] [PUP.Optional.Meinv] [WS.Reputation.1] [Malware] [Trojan.Nsis.Downloader.cwybig] [TR/Dldr.Hicrazyk.A.8362] [Troj/StartP-HV] [TrojanDownloader:Win32/Hicrazyk.A] [NSIS/TrojanDownloader.Grinidou.G] [Trojan-Downloader.Win32.Hicrazyk] [W32/StartPage.NY!tr] [Trojan.Win32.Hicrazyk.A] [Win32/Trojan.Downloader.ca5]
f9cc17734b51eae340b942e85418deb0	[HW32.CDB.42dc] [Artemis!F9CC17734B51] [Trojan.Win32.Badur.ctprer] [WS.Reputation.1] [Trojan.Win32.Badur.gdxz] [Trojan.Badur!] [UnclassifiedMalware] [Trojan.DownLoader9.23781] [Heuristic.BehavesLike.Win32.Suspicious-BAY.S] [Trojan/Badur.cor] [Trojan.Badur] [Trojan.Win32.Badur.AFtx] [Win32/Packed.Themida.AAG] [Trojan.Win32.Badur] [Packed_c.BPJA] [Trj/Thed.A]
a7a7462fbf2435999ae822231ce4efd1	[Malware] [Trojan/Win32.Banki] [Win32/DH{ICVkBg}]
8a47a3c8feac996e18301bf291445553
52c1f14804dc2c93cb5c060721ee8794	[Trojan.Downloader.Hicrazyk.A] [Artemis!52C1F14804DC] [PUP.Optional.Meinv] [Win32.Malware!Drop] [Trojan.Nsis.Downloader.cwyayc] [WS.Reputation.1] [Malware] [Troj/StartP-HV] [Trojan.StartPage.62192] [TR/Dldr.Megone.tga] [TrojanDownloader:Win32/Hicrazyk.A] [Trojan.Win32.Hicrazyk.A] [PE:Trojan.Crypt!6.191F] [not-a-virus:Downloader.NSIS] [W32/StartPage.NY!tr]

Whois

Property	Value
Email	myxp778899hhh@gmail.com
NameServer	NS2.DNSV2.COM
Created	2004-04-19 00:00:00
Changed	2013-11-19 00:00:00
Expires	2018-04-19 00:00:00
Registrar	DOMAIN NAME NETWORK

DNS Resolutions

Date	IP Address
2009-11-30	219.153.15.76 (ClassC)
2011-11-09	123.103.14.236 (ClassC)
2012-03-15	61.147.122.44 (ClassC)
2012-05-27	58.222.24.241 (ClassC)
2012-06-30	58.253.70.143 (ClassC)
2012-07-03	123.103.14.219 (ClassC)
2012-10-10	118.144.105.9 (ClassC)
2012-10-29	118.144.105.2 (ClassC)
2013-01-07	118.244.190.70 (ClassC)
2013-04-01	61.153.56.166 (ClassC)
2013-05-16	61.147.122.39 (ClassC)
2013-05-22	60.211.182.20 (ClassC)
2013-06-30	61.147.122.56 (ClassC)
2013-07-11	61.147.122.57 (ClassC)
2013-07-23	61.147.122.63 (ClassC)
2013-08-05	218.92.221.58 (ClassC)
2013-08-16	218.92.221.56 (ClassC)
2014-04-29	106.38.244.141 (ClassC)
2014-06-10	221.235.187.48 (ClassC)
2014-07-08	106.38.199.35 (ClassC)
2014-08-01	183.57.84.87 (ClassC)
2014-08-10	183.57.84.85 (ClassC)
2014-10-13	203.130.61.17 (ClassC)
2014-10-13	203.130.61.21 (ClassC)
2014-11-27	106.38.199.15 (ClassC)
2014-11-29	106.38.199.16 (ClassC)
2014-12-27	203.130.61.92 (ClassC)
2015-03-31	218.93.206.51 (ClassC)
2015-04-16	218.93.206.52 (ClassC)
2015-06-05	61.153.56.182 (ClassC)
2015-11-14	222.186.132.65 (ClassC)
2016-02-27	59.56.26.49 (ClassC)
2016-03-04	125.90.206.44 (ClassC)
2016-08-25	113.107.58.87 (ClassC)
2016-09-25	183.6.240.74 (ClassC)
2017-12-14	203.130.59.30 (ClassC)
2017-12-18	42.81.36.249 (ClassC)
2018-04-08	58.51.168.47 (ClassC)
2018-05-26	110.88.145.95 (ClassC)
2018-06-07	157.185.149.167 (ClassC)
2018-07-15	58.223.164.87 (ClassC)
2018-07-15	58.223.166.231 (ClassC)
2018-07-31	125.90.206.42 (ClassC)
2018-07-31	125.90.206.43 (ClassC)
2018-08-21	163.171.128.148 (ClassC)
2019-01-21	125.77.147.127 (ClassC)
2019-06-28	157.185.170.143 (ClassC)
2019-08-06	163.171.133.123 (ClassC)
2019-10-18	157.185.146.132 (ClassC)
2020-02-29	163.171.140.179 (ClassC)
2021-09-18	218.77.18.147 (ClassC)
2023-08-27	138.113.102.11 (ClassC)
2023-10-05	59.37.89.174 (ClassC)
2024-07-31	157.185.175.102 (ClassC)
2024-10-24	138.113.29.74 (ClassC)
2024-11-01	157.185.179.12 (ClassC)
2024-11-09	138.113.159.20 (ClassC)
2024-11-18	138.113.159.190 (ClassC)
2025-01-26	138.113.24.64 (ClassC)
2025-02-22	157.185.156.194 (ClassC)
2025-04-05	140.150.36.51 (ClassC)
2025-05-31	138.113.128.20 (ClassC)
2025-07-08	157.185.145.100 (ClassC)
2025-07-18	138.113.102.14 (ClassC)
2025-08-05	66.114.53.22 (ClassC)

HTTP/1.1 200 OKDate: Sun, 28 Feb 2021 15:45:48 GMTContent-Type: text/htmlContent-Length: 18547Connection: keep-aliveContent-Location: http://ip138.com/index.htmLast-Modified: Tue, 22 Dec 2020 07:30:52

!DOCTYPE html>html>head>meta charsetgb2312>meta namerobots contentall/>meta nameviewport contentwidthdevice-width, initial-scale1.0, minimum-scale1.0, maximum-scale1.0, user-scalableno/>meta nameapplicable-device contentpc,mobile/>meta http-equivCache-Control contentno-transform/>meta nameapple-mobile-web-app-capable contentyes/>meta nameapple-mobile-web-app-status-bar-style contentblack/>meta http-equivmobile-agent contentformathtml5; urlhttps://m.ip138.com//>title>iP��ַ��ѯ--�ֻ������ѯ������ | ���������ѯ | iP��ַ�����ز�ѯ | ����֤������֤���߲�ѯ��/title>meta namekeywords contentip,ip��ѯ,ip��ַ��ѯ,ip138,��ip,�ҵ�ip,����ip,ip�����ز�ѯ/>meta namedescription content����ip��ַ�����ز�ѯ/>link relcanonical hrefhttps://www.ip138.com//>link relalternate mediaonly screen and (max-width: 640px) hrefhttps://m.ip138.com//>link typetext/css relstylesheet href//cache.ip138.com/static/style/public/responsive.css/>link typetext/css relstylesheet href//cache.ip138.com/static/style/index/index.css/>/head>body>div classwrapper>div classheader>div classmod-head>ul classlink only-pc>li>span classicon-date>/span>/li>/ul>a classlogo href/>img src//cache.ip138.com/static/image/public/logo.png width147 height50 alt��ѯ��>/a>a classmenu only-mobile hrefjavascript:; relnofollow>span>/span>span>/span>span>/span>/a>/div>/div>div classcontainer>div classside>div classmod-link>div classbd>ul>li classsmall active>a href/ target_blank>iP��ѯ/a>/li>li classsmall>a href//qq.ip138.com/weather/ target_blank>����Ԥ��/a>/li>li>a href/sj/ target_blank>�ֻ���������ز�ѯ/a>/li>li>a hrefhttps://www.liantu.com/ target_blank>��ά��������/a>/li>li>a href//caipiao.ip138.com/ target_blank>��Ʊ������ѯ/a>/li>li>a href//bifen.ip138.com/ target_blank>���������ȷ�/a>/li>li>a hrefhttps://www.yitaifang.com/ target_blank>��̫�����������/a>/li>li>a href/weizhang.htm target_blank>������ͨΥ�²�ѯ/a>/li>li classsmall>a hrefhttp://10.ip138.com/ target_blank>Ʒ�����а�/a>/li>li classsmall>a href//qq.ip138.com/hl.asp target_blank>���ʲ�ѯ/a>/li>li>a href/jb.h

Subdomains

Date	Domain	IP
2020.ip138.com	2025-04-30	110.81.155.137
202020.ip138.com	2025-02-21	59.57.13.133
1.ip138.com	2024-11-17	138.113.159.20
1111.ip138.com	2014-11-18	183.238.101.232
2021.ip138.com	2024-12-14	59.57.13.133
1212.ip138.com	2016-11-18	1.31.173.43
2022.ip138.com	2022-06-27	103.254.188.41
2023.ip138.com	2023-08-15	157.185.156.194
20140507.ip138.com	2024-08-30	59.57.13.182
2017.ip138.com	2024-07-10	59.57.13.182
2018.ip138.com	2025-02-19	110.81.155.138
2000019.ip138.com	2024-11-25	59.57.14.11
200019.ip138.com	2025-03-28	110.81.155.138
2019.ip138.com	2025-03-16	110.81.155.138
idc.ip138.com	2025-08-02	157.185.156.194
cache.ip138.com	2023-08-16	138.113.102.11
iframe.ip138.com	2014-08-19	117.25.148.120
site.ip138.com	2025-06-16	124.156.105.121
bf.ip138.com	2025-08-02	157.185.156.194
h.ip138.com	2025-08-02	66.114.53.22
api.ip138.com	2025-07-08	170.106.158.96
caipiao.ip138.com	2025-05-09	150.109.105.209
top.ip138.com	2024-07-12	157.185.175.102
sewer.ip138.com	2024-11-22	110.81.155.137
www.ip138.com	2015-02-18	218.92.221.152
city.ip138.com	2014-11-27	36.250.72.119

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

Domain > ip138.com

Is this malicious?

Files that talk to ip138.com

Whois

DNS Resolutions

Port 443

Subdomains