Domain > www.58ad.cn

More information on this domain is in AlienVault OTX

Files that talk to www.58ad.cn

MD5	A/V
3ab87c84f79f3791ca4990e37bc05265	[W32.FamVT.YoomaVM.Trojan] [Backdoor/W32.Yobdam.933888.B] [Backdoor.Yobdam.r8] [Trojan/Delf.sri] [Backdoor.Yobdam!7dQLcUiWzfs] [W32/S-91e41151!Eldorado] [Suspicious.Graybird.1] [Backdoor.Win32.Yobdam.lkj] [PE:Packer.Win32.StartPage.c!1075357398] [Trojan.StartPage1.11432] [Backdoor.Yobdam.Win32.1820] [BehavesLike.Win32.PWSOnlineGames.dc] [Mal/Behav-327] [W32/S-91e41151!Eldorado] [TR/Spy.37376.192] [Trojan:Win32/Startpage.WR] [Trojan.Barys.727] [Trojan/Win32.StartPage] [Artemis!F14D9DF2F619] [Backdoor.Yobdam] [Trojan-PSW.Ldpinch] [Luhe.Packed.AP]
46e4d91e7a65e670af9789525f32f535	[W32.FamVT.YoomaVM.Trojan] [Backdoor/W32.Yobdam.919552] [Backdoor.Yobdam.r8] [Artemis!2234D1B2CDB6] [Trojan/Delf.sri] [W32/S-91e41151!Eldorado] [Suspicious.Graybird.1] [Backdoor.Win32.Yobdam.lkj] [PE:Packer.Win32.StartPage.c!1075357398] [Trojan.StartPage1.12416] [Backdoor.Yobdam.Win32.1853] [BehavesLike.Win32.PWSOnlineGames.cc] [W32/S-91e41151!Eldorado] [TR/Spy.37376.192] [Trojan.Barys.727] [Trojan/Win32.StartPage] [Trojan:Win32/Startpage.WR] [Backdoor.Yobdam] [Trojan-PSW.Ldpinch] [PSW.Ldpinch.AHDR]
2c4f190fd5fcdf3b91aa0e4b183024c7	[W32.FamVT.YoomaVM.Trojan] [Backdoor/W32.Yobdam.919040] [Backdoor.Yobdam.r8] [Artemis!0147543046E8] [Trojan/Delf.sri] [Backdoor.Yobdam!D8l2QKtyhog] [W32/S-91e41151!Eldorado] [Backdoor.Win32.Yobdam.lkj] [PE:Packer.Win32.StartPage.c!1075357398] [Trojan.StartPage1.11903] [Backdoor.Yobdam.Win32.1842] [BehavesLike.Win32.PWSOnlineGames.cc] [W32/S-91e41151!Eldorado] [TR/Spy.37376.192] [Trojan.Barys.727] [Trojan/Win32.StartPage] [Trojan:Win32/Startpage.WR] [Backdoor.Yobdam] [Trojan-PSW.Ldpinch] [PSW.Ldpinch.AHDR]
2e1805393587a88a0c04d3cfa0abf653
164e019f03679267f8244f2f1060a81f
3116a218334475f37317df8c99582f3d
04cb4dcb5e2053e5afbf8f496178651d
15edf99f13e99065f7c19d588467282f
10e5a406d1309d338e3b1754498d1b51	[W32/Trojan.VOAK-5581] [Trojan.MulDrop5.37033] [Win32/Delf.RIS] [W32/Yobdam.LIE!tr.bdr] [PSW.Ldpinch.AHDR.dropper] [Trojan*Win32/Startpage.WR] [Packer.Win32.StartPage.c] [W32.Delf.RIS.dscp] [Trojan.Yoddos]
1d479d3195537ee5cc66f3456564065e	[W32/S-74fc28cb!Eldorado] [Trojan.Click3.10574] [Win32/Packed.VMProtect.ABD] [W32/VMProtBad.A!tr] [Win32/Blacked] [Trojan.Win32.VMProtect] [Trojan*Win32/Startpage.WR] [Mal/VMProtBad-A] [Trojan.Yoddos.Win32.449]
4b163d55d3ffbd0220256bb423990761	[Trojan.Click3.11739] [Mal/VMProtBad-A] [Trojan.Yoddos.Win32.474] [Trojan.Win32.VMProtect] [W32/S-74fc28cb!Eldorado] [W32/VMProtBad.A!tr] [Win32/Blacked] [Win32/Packed.VMProtect.ABD]
02c69315ff479f956360b0bc8099ab15
0bef04354507213a3dec34759f0c153f
1f78818e0a749316dbe6a1c539e4593c
43dd4ac09c8c5cd633fcb43ebac7767e

Whois

Property	Value
Organization	武汉世纪德安网络科技有限公司
Email	lch@centurydean.com
NameServer	ns2.dnsv2.com
Created	2011-10-12 16:27:30
Expires	2015-10-12 16:27:30

DNS Resolutions

Date	IP Address
2013-04-22	119.97.137.31 (ClassC)
2013-08-23	119.97.143.25 (ClassC)
2014-06-27	119.97.143.18 (ClassC)
2014-10-26	119.97.143.40 (ClassC)
2015-04-07	119.97.143.21 (ClassC)
2015-05-15	-
2024-05-15	119.97.143.15 (ClassC)
2025-04-25	119.97.143.57 (ClassC)

HTTP/1.1 200 OKServer: nginx/1.0.15Date: Mon, 17 Jul 2023 09:32:19 GMTContent-Type: text/htmlContent-Length: 1746Last-Modified: Tue, 29 Dec 2020 02:44:33 GMTConnection: keep-aliveVary: Accept-Encoding

!DOCTYPE html PUBLIC -//W3C//DTD XHTML 1.0 Transitional//EN http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd>html xmlnshttp://www.w3.org/1999/xhtml langen xml:langen>    head>        title>网站升级公告栏/title>        meta namegoogle valuenotranslate />        meta http-equivContent-Type contenttext/html; charsetUTF-8 />        style typetext/css mediascreen>            html, body  { font-size: 24px; height:100%; background: #999; }            body { margin:0; padding:0; overflow:hidden; width: 100%; height: 100%; }#            #bg { width: 686px; height: 341px; margin: 48px auto; background: url(./bg.png); position: relative; color: #FFF; }#            #bg .text { position: absolute; top: 120px; left: 210px; width: 455px; line-height: 20px; }#            #bg .text p { text-indent: 24px; }#            #bg .time { position: absolute; top: 249px; left: 246px; font-size: 14px; font-weight: 700; color: #EAFF00; }	    .clear {	        clear: both;		font-size: 12px;	    }	    .foot-info {                padding: 20px 0;	    }				    .foot-info p {		text-align: center;		color: #FFF;		line-height: 24px;	    }        /style>        script typetext/javascript>        //!CDATA        $(function(){        });        //>        /script>    /head>    body>        div idbg>            div classtext>通知：br/>p>网站改版升级中，敬请期待！/p>/div>        /div>        div classclear>/div>        div classfoot-info>            p>武汉世纪德安网络科技  a target_blank hrefhttps://beian.miit.gov.cn/#/Integrated/index>鄂ICP备15007446号/a>/p>        /div>   /body>/html>

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

Domain > www.58ad.cn

Is this malicious?

Files that talk to www.58ad.cn

Whois

DNS Resolutions

Port 80