Domain > rghost.net

More information on this domain is in AlienVault OTX

Files that talk to rghost.net


Whois

Property     Value
Email        contact@realisticgroup.com
NameServer   JAKE.NS.CLOUDFLARE.COM
Created      2007-07-15 00:00:00
Changed      2014-05-21 00:00:00
Expires      2016-07-15 00:00:00
Registrar    REGTIME LTD.

DNS Resolutions


Port 80

Port 443

Subdomains

Domain            Date         IP
ipv6.rghost.net   2025-05-25   104.21.50.229
fa.rghost.net     2025-06-15   104.21.50.229
id.rghost.net     2025-05-25   104.21.50.229
pl.rghost.net     2025-06-27   104.21.50.229
ar.rghost.net     2013-08-10   217.199.218.100
tr.rghost.net     2025-06-29   172.67.212.239
www.rghost.net    2025-04-18   172.67.212.239
Data with thanks to AlienVault OTX, VirusTotal, Malwr and others.



© Copyright 2019 AlienVault, Inc.