Domain > www.duba.net

More information on this domain is in AlienVault OTX

Files that talk to www.duba.net

MD5	A/V
30e22da1e83695a42804b339fb72d364	[Backdoor*Win32/Zegost.B]
12bf48aad67e6aa7ded1498c4858d865	[Backdoor*Win32/Zegost.B]
f5ca13562fb1b3cec45358021a3b4a25
2ddadf338a58337d51c70f2b3105a5b2
f975521a337dbd521fb6e63bd18b6f8e	[Backdoor*Win32/Zegost.B]
f8cb854597c18887433265702a72cfd4	[Trojan.Spy-80656] [TR/PSW.Bjlog.lby.10] [TrojanDropper*Win32/Zegost.B]
73712259eecbe59245b03f6d8dbdd402	[Heuristics.Broken.Executable] [Backdoor*Win32/Zegost.B]
3fabccdb91cf9038dcffff47bc364830	[W32.Sality.PE] [Win32.Sality.3] [Packed.Win32.Obfuscated.10!O] [W32.Sality.U] [Win32.Sality.BL] [W32.Sality.AE] [Sality.ZHB] [Win32/Sality.AA] [PE_SALITY.RL] [Virus.Win32.Sality.beygb] [Win32.Sality.N] [Trojan.KillProc.26742] [Virus.Sality.Win32.20] [W32/Sality.AT] [Heuristic.LooksLike.Win32.Suspicious.C!80] [Virus:Win32/Sality.AT] [Win32/Kashu.E] [Virus.Win32.Sality.bakc] [W32/Sality.AA] [Win32/Sality.NBA] [Trojan-PWS.Win32.Bjlog] [Win32/Sality] [Virus.Win32.Sality.$Emu]
184f870d527eacc6e28f84efdb67df37	[Backdoor*Win32/Zegost.B]
d850d6a5a34cbb5c030775d30d21b0d1	[TrojanPSW.Bjlog.g5] [Trojan.Spy-80656] [Trojan.Packed.22267] [Win32/Redosdru.GL] [W32/Rincux.AA!tr] [Trojan-PWS.Win32.BjlogWin32.Malware] [Trojan-PSW.Win32.Bjlog.zeq] [TrojanDropperWin32/Zegost.B] [Backdoor.Trojan] [BKDR_ZEGOST.SMZZ]
abec713acddf4ae5b9ddb593188d0b43	[Backdoor*Win32/Zegost.B]
1b1dfac9b0f1356cb8167012164ffb75	[Backdoor*Win32/Zegost.B]
7d290b1298b32cb15e5e4d6298d3e224	[TrojanDropper*Win32/Zegost.B]
914ad1bd33207f40edb342d496abdc6f	[Backdoor*Win32/Zegost.B]
77207de1291743910297c7c005580123
5900589b310931348632c29d0e1bcec6	[Backdoor*Win32/Zegost.B]
99d8ef0fde1e23b1aa6000d36c3c7532
d96ac432402767edafb0d7bab79cc22d	[Backdoor*Win32/Zegost.B]
1c8d4cd98f3ffe1b942f0a04692ed215	[TR/PSW.Bjlog.lfzb] [Trojan.Spy-78740] [TrojanDropper*Win32/Zegost.B]
766c4d534ff8a1b5d048bcbade4a4865

Whois

Property	Value
Email	zhaoyiding@cmcm.com
NameServer	LV3NS2.FFDNS.NET
Created	2002-03-20 00:00:00
Changed	2014-11-24 00:00:00
Expires	2018-03-20 00:00:00
Registrar	ENAME TECHNOLOGY CO.

DNS Resolutions

Date	IP Address
2014-01-25	114.112.68.197 (ClassC)
2014-02-19	114.112.68.197 (ClassC)
2014-12-25	8.37.231.21 (ClassC)
2014-12-31	8.37.231.22 (ClassC)
2015-01-10	8.37.231.19 (ClassC)
2015-02-18	183.136.217.82 (ClassC)
2015-03-06	8.37.231.20 (ClassC)
2015-04-14	58.218.208.199 (ClassC)
2016-03-08	59.56.26.49 (ClassC)
2016-10-31	220.243.199.149 (ClassC)
2017-05-28	123.134.184.158 (ClassC)
2017-10-02	122.228.9.42 (ClassC)
2017-10-30	150.138.238.137 (ClassC)
2018-03-30	123.132.254.205 (ClassC)
2018-03-31	123.132.254.219 (ClassC)
2018-06-19	112.253.11.135 (ClassC)
2018-06-19	112.253.11.137 (ClassC)
2018-07-06	123.134.184.162 (ClassC)
2018-07-06	123.134.184.151 (ClassC)
2018-07-06	119.188.244.81 (ClassC)
2018-07-09	222.132.5.26 (ClassC)
2019-03-23	42.54.2.23 (ClassC)
2019-03-24	42.54.2.25 (ClassC)
2019-03-24	42.54.2.17 (ClassC)
2019-03-24	42.54.2.26 (ClassC)
2019-03-24	42.54.2.21 (ClassC)
2019-03-24	42.54.2.22 (ClassC)
2019-03-24	42.54.2.16 (ClassC)
2019-08-15	113.1.2.31 (ClassC)
2019-08-15	113.1.2.29 (ClassC)
2019-08-24	218.24.18.62 (ClassC)
2019-09-22	218.24.18.52 (ClassC)
2019-10-01	218.24.18.57 (ClassC)
2020-01-09	218.24.18.14 (ClassC)
2020-03-14	117.23.1.15 (ClassC)
2020-05-26	123.149.174.22 (ClassC)
2020-07-29	42.81.57.20 (ClassC)
2020-10-11	60.222.11.51 (ClassC)
2020-11-17	60.222.11.44 (ClassC)
2020-12-01	183.146.208.135 (ClassC)
2021-01-17	150.138.39.240 (ClassC)
2021-01-17	150.138.39.242 (ClassC)
2021-01-20	182.86.84.228 (ClassC)
2021-01-20	182.86.84.232 (ClassC)
2021-02-02	27.22.56.239 (ClassC)
2021-02-02	27.22.56.248 (ClassC)
2021-02-04	27.22.58.191 (ClassC)
2021-02-05	117.91.179.132 (ClassC)
2021-02-14	117.91.179.131 (ClassC)
2021-02-24	150.138.180.244 (ClassC)
2021-03-30	221.229.165.205 (ClassC)
2021-04-13	110.80.139.221 (ClassC)
2021-04-28	183.162.226.117 (ClassC)
2021-04-28	183.162.226.118 (ClassC)
2021-04-28	183.162.226.119 (ClassC)
2021-04-29	113.219.136.27 (ClassC)
2021-04-29	113.219.136.32 (ClassC)
2021-06-04	1.180.13.241 (ClassC)
2021-06-06	150.139.240.239 (ClassC)
2021-06-07	140.249.158.248 (ClassC)
2021-07-06	58.220.55.241 (ClassC)
2021-07-08	150.139.241.248 (ClassC)
2021-07-08	150.139.241.238 (ClassC)
2021-07-12	59.63.238.164 (ClassC)
2021-07-12	59.63.238.166 (ClassC)
2021-07-12	59.63.238.168 (ClassC)
2021-07-12	59.63.238.170 (ClassC)
2021-07-22	223.99.232.215 (ClassC)
2021-07-22	223.99.232.217 (ClassC)
2021-07-29	111.13.210.230 (ClassC)
2021-07-29	111.13.210.227 (ClassC)
2021-07-30	113.214.174.229 (ClassC)
2021-08-03	111.32.169.250 (ClassC)
2021-08-14	115.238.201.199 (ClassC)
2021-09-03	122.225.217.248 (ClassC)
2021-09-07	122.225.216.238 (ClassC)
2021-09-07	122.225.216.241 (ClassC)
2021-09-14	150.139.250.236 (ClassC)
2021-09-14	150.139.250.239 (ClassC)
2021-09-14	150.139.250.248 (ClassC)
2021-09-16	116.211.221.8 (ClassC)
2021-09-16	116.211.221.10 (ClassC)
2021-09-20	119.96.77.237 (ClassC)
2021-09-26	113.113.101.242 (ClassC)
2022-01-04	150.139.248.238 (ClassC)
2022-01-13	223.76.171.227 (ClassC)
2022-07-23	61.155.221.222 (ClassC)
2023-07-17	222.73.33.242 (ClassC)
2023-12-05	120.52.95.239 (ClassC)
2023-12-17	120.232.206.81 (ClassC)
2023-12-20	218.12.76.167 (ClassC)
2023-12-27	120.232.206.82 (ClassC)
2024-01-22	218.12.76.170 (ClassC)
2024-02-18	120.52.95.236 (ClassC)
2024-02-21	120.52.95.235 (ClassC)
2024-03-15	218.12.76.169 (ClassC)
2024-04-07	36.42.77.170 (ClassC)
2024-04-19	36.42.77.164 (ClassC)
2024-07-14	218.12.76.168 (ClassC)
2024-07-14	36.42.77.167 (ClassC)
2024-07-26	120.232.206.78 (ClassC)
2024-11-25	221.194.141.170 (ClassC)
2024-11-25	221.194.141.171 (ClassC)
2024-12-05	36.42.77.171 (ClassC)
2025-02-04	218.12.76.171 (ClassC)
2025-03-05	120.233.178.92 (ClassC)
2025-04-01	221.194.141.169 (ClassC)
2025-04-05	221.194.141.165 (ClassC)
2025-05-03	221.194.141.163 (ClassC)
2025-05-11	120.233.178.91 (ClassC)
2025-05-26	218.12.76.166 (ClassC)
2025-06-28	221.194.141.168 (ClassC)
2025-07-07	221.194.141.236 (ClassC)
2025-07-17	120.241.30.102 (ClassC)
2025-07-23	36.42.77.136 (ClassC)
2025-08-07	221.194.141.166 (ClassC)

HTTP/1.1 200 OKDate: Sat, 24 Aug 2019 19:44:49 GMTContent-Type: text/htmlContent-Length: 10172Connection: keep-aliveServer: TengineLast-Modified: Wed, 17 Jul 2019 08:34:12 GMTVary: Accept-EncodingETag

!DOCTYPE html>html>head>meta charsetUTF-8>meta http-equivX-UA-Compatible contentIEedge,chrome1 >meta nameviewport contentwidthdevice-width,initial-scale1.0,minimum-scale1.0,maximum-scale1.0,user-scalableno,minimal-ui/>meta nameformat-detection contentemailno />meta nameformat-detection contentaddressno />meta nameformat-detection contenttelephoneno />title>【金山毒霸官网】免费杀毒软件|电脑杀毒|全面扫描|垃圾清理|电脑加速|软件管家/title>meta namedescription content金山毒霸11，极速轻巧，安全护航，新功能全面扫描，界面风格清爽升级，持续优化查杀引擎性能，一键加速提高电脑速度，深度清理电脑垃圾，为你的电脑保驾护航。 />meta namekeywords content金山,金山毒霸,毒霸官网,毒霸11,金山毒霸11,毒霸,杀毒,杀毒软件,金山杀毒,免费杀毒,杀毒工具,软件管理,异常修复 />meta namecopyright contentCopyright (c) duba.net>link relShortcut Icon href/favicon.ico>!--if IE 9 >script typetext/javascript srcjs/jquery.pinable.js>/script>script typetext/javascript>    $(document).ready(function () {        $(body).pinable({discStyle: topHat});    });/script>!endif-->!--if lte IE 6>script typetext/javascript srcjs/belatedPNG.js>/script>script typetext/javascript>    var __IE6true;    DD_belatedPNG.fix(img);/script>!endif-->script>var _hmt  _hmt || ;(function() {  var hm  document.createElement(script);  hm.src  http://hm.baidu.com/hm.js?7b344617dc861558bc02241018ca7977;  var s  document.getElementsByTagName(script)0;  s.parentNode.insertBefore(hm, s);})();/script>link relstylesheet hrefcss/indexS.css?v20190531>/head>body>  div classhead_v2 clearfix>    div classcontainer_v2>        a classlogo_v2 fl href//www.ijinshan.com/ statlogo>          img src//www.ijinshan.com/images/20161227/logo-1.png width124 height24/>        /a>    /div>  /div>  div idSBmarginTop0 classcontainer_v2 ban_home_duba10 posi_r styleposition:relative; margin:0px auto>      !--添加视频banner-->      div classt-slide idslide>

Subdomains

Date	Domain	IP
infoc0.duba.net	2014-03-12	119.147.146.84
duba-011.duba.net	2015-03-10	222.132.18.81
cs1.duba.net	2013-08-18	125.39.136.78
infoc2.duba.net	2014-03-12	119.147.146.70
cs2.duba.net	2013-08-18	219.239.93.145
cs13.duba.net	2013-12-18	121.14.11.100
123.duba.net	2014-10-27	8.37.231.19
cs3.duba.net	2014-01-11	114.112.68.186
dr.cs3.duba.net	2014-07-13	114.112.93.52
cs4.duba.net	2013-08-18	125.39.136.78
kwsdata.duba.net	2014-07-11	125.39.136.78
vipzone.c.duba.net	2013-11-10	61.188.191.96
i2c.duba.net	2014-07-11	125.39.136.78
union.infoc.duba.net	2024-06-22	139.9.36.178
download.duba.net	2014-07-19	218.60.107.32
bj.download.duba.net	2024-02-17	116.177.237.157
hd.duba.net	2013-08-18	122.228.218.146
uuid.duba.net	2025-07-14	114.112.68.186
udp.cloud.duba.net	2025-07-26	120.131.3.117
rq.cct.cloud.duba.net	2025-07-14	110.43.89.7
rq.lbcct.cloud.duba.net	2025-07-14	110.43.89.7
rq.kpcct.cloud.duba.net	2025-07-29	110.43.89.9
rq.drcct.cloud.duba.net	2025-07-14	110.43.89.7
rq.wpscct.cloud.duba.net	2025-07-14	110.43.89.7
optimize.duba.net	2023-12-06	175.6.49.1
static.i.duba.net	2014-11-26	61.240.135.34
config.i.duba.net	2015-04-07	222.163.198.56
hy-shengji.duba.net	2014-05-19	221.204.22.208
libmini.duba.net	2014-05-12	112.253.26.34
quick.duba.net	2014-04-04	101.28.252.194
sem.duba.net	2023-12-24	119.39.154.247
wan.duba.net	2013-04-26	222.243.110.166

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

Domain > www.duba.net

Is this malicious?

Files that talk to www.duba.net

Whois

DNS Resolutions

Port 80

Subdomains