Domain > servebbs.com

More information on this domain is in AlienVault OTX

Is this malicious?

Reports

http://blog.crowdstrike.com/blurring-of-commodity-...

https://otx.alienvault.com/pulse/562ebff967db8c2a9...

Files that talk to servebbs.com

MD5	A/V
faacb4a68f7b0f4e669dac23bad5e159	[Trojan.Win32.Dapato.cuwduv] [Downloader] [Trojan.DownLoad3.32340] [W32/Banload.SXP!tr]
ad83f96d173d34fbe348a5ace0b54108	[Artemis!AD83F96D173D] [Trojan.Banload] [TrojWare.Win32.TrojanDownloader.Dadobra.~JN2] [TR/Symmi.16398.26] [Mal/Bancos-CD] [Suspicious] [W32/Banload.RZY!tr]
b2b5f3575238b28ef78df1b9caac4024	[W32.CsrcsExpoLnr.Trojan] [Trojan.BHO.r5] [Artemis!B2B5F3575238] [Win32.Trojan.WisdomEyes.151026.9950.9986] [W32/S-2d34e4aa!Eldorado] [Suspicious.Cloud.2] [ADW_BHO] [Win.Trojan.Clicker-118] [Trojan-Clicker.Win32.AutoIt.ab] [Riskware.Win32.Downware.dyofcz] [Troj.Clicker.W32!c] [ApplicUnwnt] [ADW_BHO] [BehavesLike.Win32.YahLover.tc] [W32/S-2d34e4aa!Eldorado] [DR/Click.AutoIt.AB.11] [Trojan/Win32.BHO] [Trojan:Win32/Bumat!rts] [Win32.Trojan.Autoit.Pfiz] [Trojan-Downloader.Win32.AutoIt] [Adware/Win32_AutoIt] [Autoit_c.CNHO] [Trj/CI.A]
f0be6dbde1628a1fc89ded02a1b64572	[Trojan-Downloader.Win32.Banload]
e21b3469b4fc1efddf76d8c89f1ebb2a	[Malware.Packer.HGX1] [Heuristic.LooksLike.Win32.Suspicious.E] [W32/Kryptik.AXUE!tr]
2625ca957f30c6fb439d6fb819b96e96	[HW32.CDB.0b76] [Packed.Win32.Katusha.3!O] [WS.Reputation.1] [Kryptik.CDQY] [Trojan.Win32.S.PSW-Tepfer.829456.AK] [UnclassifiedMalware] [Trojan.Packed.26581] [Win32.Malware!Drop] [Win32.Troj.Undef.(kcloud)] [Backdoor:Win32/Kelihos.F] [Trojan/Win32.Tepfer] [W32/Trojan.ZDOX-3335] [Heur.Trojan.Hlux] [Trojan.Crypt_s] [W32/Kryptik.BD!tr] [Crypt_s.GNC]
292ad75fbab2288a453c7f7db162eed0	[HW32.CDB.A2b5] [Packed.Win32.Katusha.3!O] [Backdoor.Hlux!xuwpKhCjMA8] [WS.Reputation.1] [Kryptik.CDQY] [Backdoor.Win32.Hlux.dqzg] [UnclassifiedMalware] [Trojan.Packed.26581] [Trojan[Backdoor]/Win32.Hlux] [Backdoor:Win32/Kelihos] [W32/Trojan.HATR-5126] [Heur.Trojan.Hlux] [Trojan.Crypt_s] [W32/Kryptik.BWUN!tr] [Crypt_s.GNC] [Backdoor.Win32.Hlux.Aj] [Win32/Trojan.112]

Whois

Property	Value
Name	Dynamic Network Services
Organization	Dyn
Email	Domains@dyn.com
Address	150 Dow St, Tower 2
Zip Code	03101
City	Manchester
State	NH
Country	US
Phone	+1.6036684998
NameServer	NS1.DYNDNS.ORG
Created	2005-07-04 19:36:01
Changed	2014-12-02 19:11:11
Expires	2015-07-04 00:00:00
Registrar	DYNAMIC NETWORK SERV

DNS Resolutions

Date	IP Address
2009-08-01	82.84.91.69 (ClassC)
2009-09-10	91.121.121.6 (ClassC)
2009-09-10	72.249.123.191 (ClassC)
2009-09-12	92.48.124.212 (ClassC)
2009-09-13	80.93.49.223 (ClassC)
2010-04-06	77.247.177.28 (ClassC)
2010-06-28	80.91.176.172 (ClassC)
2011-07-26	74.52.4.73 (ClassC)
2013-01-02	178.162.164.172 (ClassC)
2013-02-19	62.76.46.22 (ClassC)
2013-05-08	37.139.47.56 (ClassC)
2013-05-14	81.177.141.153 (ClassC)
2013-05-17	37.139.47.84 (ClassC)
2013-05-29	62.76.186.144 (ClassC)
2013-06-10	184.173.201.97 (ClassC)
2013-06-15	200.175.245.95 (ClassC)
2013-09-16	192.254.225.2 (ClassC)
2013-12-20	81.64.83.48 (ClassC)
2014-01-08	206.190.155.203 (ClassC)
2014-01-26	194.58.91.228 (ClassC)
2014-03-27	201.232.44.162 (ClassC)
2014-08-12	209.73.155.67 (ClassC)
2014-10-07	188.128.141.21 (ClassC)
2014-11-26	116.48.129.113 (ClassC)
2014-12-23	72.2.72.182 (ClassC)
2014-12-28	189.135.162.36 (ClassC)
2015-02-03	80.167.189.128 (ClassC)
2018-06-11	204.13.248.119 (ClassC)
2019-12-12	216.146.39.125 (ClassC)
2025-06-04	132.226.118.109 (ClassC)

Subdomains

Date	Domain	IP
colormagia.servebbs.com	2014-03-19	37.123.113.178
googgle.servebbs.com	2014-05-11	198.199.78.132
bpionline.servebbs.com	2013-05-29	216.146.38.125
long.servebbs.com	2014-05-19	23.92.23.71
portal.servebbs.com	2025-05-28	185.209.15.99
zoomcon.servebbs.com	2025-04-23	190.61.35.194
sun.servebbs.com	2015-03-28	23.88.10.33
alternatyvarms.servebbs.com	2024-09-20	2.114.12.99
onepass.servebbs.com	2015-04-10	213.165.83.176
bss.servebbs.com	2013-05-16	93.94.244.11
www.servebbs.com	2025-04-25	132.226.118.109

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]