Domain > yahoogroups.com

More information on this domain is in AlienVault OTX

Files that talk to yahoogroups.com

MD5	A/V
69105950b2bb95843dea5937bea0e8f0	[HW32.CDB.5919] [Packed.Win32.Katusha.3!O] [WS.Reputation.1] [Kryptik.CDQY] [TrojWare.Win32.Kryptik.CBCJ] [BackDoor.Slym.13873] [Backdoor:Win32/Kelihos.F] [Trojan/Win32.Tepfer] [Heur.Trojan.Hlux] [Trojan.Crypt_s] [Crypt_s.GNC] [Trojan.Win32.Kryptik.CBCJ]
ebbf2139fa265c6896be78fe8bbd44f7
e21b3469b4fc1efddf76d8c89f1ebb2a	[Malware.Packer.HGX1] [Heuristic.LooksLike.Win32.Suspicious.E] [W32/Kryptik.AXUE!tr]
9aa81fa022c0b159758efa1bda4f9be1	[HW32.CDB.A20b] [Packed.Win32.Katusha.3!O] [WS.Reputation.1] [Kryptik.CCFN] [Backdoor.Win32.Hlux.dthd] [UnclassifiedMalware] [BackDoor.Slym.13011] [Backdoor:Win32/Kelihos] [Heur.Trojan.Hlux] [Win32/Kryptik.CBNK] [Win32.Backdoor.Hlux.Hwcu] [Trojan.Crypt3] [W32/Kryptik.BD!tr] [Crypt3.OHL] [Backdoor.Win32.Hlux.Ac]
4211b2d7121c11d5f032e6620030a384	[HW32.CDB.Cd7e] [Packed.Win32.Katusha.3!O] [Hlux.ZY] [VirTool:Win32/Obfuscator.WT]
db5b440f6419090cd9567f3b33fd3ced	[Malware.Packer.HGX1] [BackDoor.SlymENT.1498] [Heuristic.LooksLike.Win32.Suspicious.E] [W32/Kryptik.AXUE!tr]
b36385662ebdaf40bc3d28f90b6a4751	[Spyware.Zbot.USBV] [Trojan] [BackDoor.SlymENT.1498] [Heuristic.LooksLike.Win32.Suspicious.E] [Trojan/Win32.Foreign]
3220ab9b63a767c299000ea9d9e3a056	[HW32.CDB.1b0b] [Packed.Win32.Katusha.1!O] [Backdoor.Hlux!u8SUOkHyYnA] [Trojan.FakeAV] [Kryptik.CCFN] [Win32/Kelihos.RbUfAWB] [Backdoor.Win32.Hlux.dpoo] [Trojan.Win32.Hlux.cxxuzn] [TrojWare.Win32.Kryptik.CAUP] [BackDoor.Slym.12819] [Trojan[Backdoor]/Win32.Hlux] [Backdoor:Win32/Kelihos.F] [Trojan/Win32.Tepfer] [Backdoor.Hlux] [Win32/Kryptik.CAXO] [Win32.Backdoor.Hlux.Lgjg] [Trojan.Crypt_s] [W32/Kryptik.CAXO!tr] [Crypt_s.GNC] [Trojan.Win32.Kryptik.CAXO]
860dd245cbecd656df047b97456d0ad0	[HW32.CDB.9069] [Malware.Packer.FFS] [Heuristic.LooksLike.Win32.Suspicious.E] [PE:Malware.AntiWare!1.9D9B] [W32/Kelihos.KK@mm]
1929530a1f2d6d48a87aac928220e460	[HW32.CDB.4199] [Backdoor.Hlux.r3] [Trojan.Win32.Hlux.cwwgjj] [Kryptik.CCFN] [Backdoor.Win32.Hlux.crc] [Backdoor.Hlux!GJ0f5FTmyog] [UnclassifiedMalware] [BackDoor.Slym.14056] [Heuristic.LooksLike.Win32.Suspicious.E] [Mal/Kelihos-A] [Trojan[Backdoor]/Win32.Hlux] [Trojan:Win32/Sisron] [Trojan/Win32.Tepfer] [Heur.Trojan.Hlux] [Win32.SuspectCrc] [W32/Hlux.BWUN!tr.bdr] [Crypt_s.GJB] [Trojan.Win32.Kryptik.BZWV] [Win32/Trojan.e55]
37b9070bfbc74ee584b01de29d129911	[HW32.CDB.Ec9a] [Heur.Trojan.Hlux]
2c2371e95bb5d87ccd5d19a114492f70	[HW32.CDB.18af] [Packed.Win32.Katusha.3!O] [WS.Reputation.1] [Kryptik.CDQY] [TrojWare.Win32.Kryptik.CBCJ] [BackDoor.Slym.13873] [Backdoor:Win32/Kelihos.F] [Trojan/Win32.Tepfer] [Heur.Trojan.Hlux] [Backdoor.Win32.Kelihos] [Crypt_s.GNC] [Trojan.Win32.Kryptik.CBCJ] [Win32/Trojan.0de]
315325f544912a68464bf38e3edf6371	[HW32.CDB.9e5e] [Backdoor/W32.Hlux.829456.H] [Packed.Win32.Katusha.3!O] [Backdoor.Hlux.r3] [Backdoor.Hlux!aauIqdu764w] [Trojan.FakeAV] [Kryptik.CDQY] [Backdoor.Win32.Hlux.dqyy] [Win32.Backdoor.Hlux.Lhdb] [UnclassifiedMalware] [Trojan.Packed.26581] [Win32.Hack.Hlux.dq.(kcloud)] [Backdoor:Win32/Kelihos.F] [Backdoor.Hlux] [Trojan.Crypt_s] [W32/Kryptik.BWUN!tr] [Crypt_s.GNC] [Backdoor.Win32.Hlux.aZvR] [Win32/Trojan.337]
d38a3646d932d062528aea48d2122315
5ea646ffdc1e9bc7759fdfc926de7660	[PWS-FASY!5EA646FFDC1E] [Malware.Packer.EGX7] [Password-Stealer] [Trojan] [Hlux.XD] [Trojan-PSW.Win32.Tepfer.ijnk] [BackDoor.Slym.1498] [TR/Rogue.14575.23] [Heuristic.BehavesLike.Win32.Suspicious-BAY.G] [Troj/Tepfer-Q] [Backdoor:Win32/Kelihos.F] [Trojan/Win32.Foreign] [HeurEngine.MaliciousPacker] [Win32/Kelihos.F] [Trojan-PWS.Win32.Tepfer] [W32/Kryptik.X!tr] [Trj/Tepfer.B]
4be57c95dd1e77ba6b00af63f6c5d79a	[BackDoor.Slym.1498] [BDS/Kelihos.F.5092] [Win32.PSWTroj.Tepfer.hd.(kcloud)] [Backdoor:Win32/Kelihos.F] [Backdoor/Win32.Kelihos] [Backdoor.Win32.Kelihos] [W32/Kelihos.JI!tr]
1623be5a046aa215162665c5067332e0	[HW32.CDB.Db63] [Packed.Win32.Katusha.3!O] [WS.Reputation.1] [Kryptik.CDQY] [Trojan-PSW.Win32.Tepfer.tybm] [Trojan.PWS.Tepfer!sA6n+JUlMF8] [UnclassifiedMalware] [Trojan.Packed.26581] [Backdoor:Win32/Kelihos.F] [W32/Trojan.YSDP-3009] [Heur.Trojan.Hlux] [Trojan.Crypt_s] [W32/Kryptik.BWUN!tr] [Crypt_s.GNC] [Trojan.Win32.InfoStealer.aRBP]
4db0e2318885466883cc47fb4c11b695	[FakeSecTool-FCX!4DB0E2318885] [Malware.Packer.FFS] [Heuristic.LooksLike.Win32.Suspicious.E] [PE:Malware.XPACK/RDM!5.1] [W32/Kelihos.DE!tr]
61b408e2de1c4996c3708f1f46913d60	[HW32.CDB.C1b5] [Trojan.Kryptik!QyFpAm9uzfY] [Kryptik.CCFN] [Backdoor.Win32.Hlux.djft] [Trojan.Win32.S.PSW-Tepfer.835600.AI] [UnclassifiedMalware] [BackDoor.Slym.14044] [Mal/Kelihos-A] [Trojan[Backdoor]/Win32.Hlux] [Trojan/Win32.Tepfer] [W32/Trojan.AJYO-7526] [Backdoor.Hlux] [Trojan.Crypt_s] [W32/Kryptik.BWUN!tr] [Crypt3.HUF] [Trojan.Win32.Kryptik.BZIX]
dde053529fc90359815908c8ee1def65	[FakeSecTool-FCX!DDE053529FC9] [Malware.Packer.FFS] [Heuristic.LooksLike.Win32.Suspicious.E] [PE:Malware.XPACK/RDM!5.1]

Whois

Property	Value
Email	domainadmin@yahoo-inc.com
NameServer	NS2.YAHOO.COM
Created	2000-04-28 00:00:00
Changed	2015-03-27 00:00:00
Expires	2016-04-28 00:00:00
Registrar	MARKMONITOR INC.

DNS Resolutions

Date	IP Address
2013-05-16	66.196.94.104 (ClassC)
2013-05-16	98.137.34.115 (ClassC)
2013-06-01	66.196.94.104 (ClassC)
2013-06-02	98.137.34.115 (ClassC)
2014-05-19	74.6.50.24 (ClassC)
2014-05-22	212.82.102.24 (ClassC)
2014-05-24	87.248.120.148 (ClassC)
2014-05-26	98.137.236.24 (ClassC)
2014-05-29	77.238.184.24 (ClassC)
2014-05-30	106.10.212.24 (ClassC)
2014-06-16	68.142.243.179 (ClassC)
2014-06-16	68.142.243.179 (ClassC)
2014-06-17	98.137.236.24 (ClassC)
2014-06-18	98.139.102.145 (ClassC)
2014-06-18	77.238.178.122 (ClassC)
2014-06-18	119.160.242.96 (ClassC)
2014-06-19	68.180.206.184 (ClassC)
2014-06-21	106.10.212.24 (ClassC)
2014-06-28	77.238.178.122 (ClassC)
2014-06-28	74.6.50.24 (ClassC)
2014-07-01	77.238.184.24 (ClassC)
2014-07-05	68.180.206.184 (ClassC)
2014-07-13	98.139.102.145 (ClassC)
2014-08-27	87.248.120.148 (ClassC)
2014-11-25	212.82.102.24 (ClassC)
2014-12-03	119.160.242.96 (ClassC)
2015-03-10	106.10.212.150 (ClassC)
2015-03-10	98.137.236.150 (ClassC)
2015-03-10	124.108.105.150 (ClassC)
2015-03-10	188.125.73.108 (ClassC)
2018-11-05	212.82.100.150 (ClassC)
2018-11-05	74.6.136.150 (ClassC)
2023-08-27	98.136.103.23 (ClassC)
2023-12-05	44.228.206.170 (ClassC)
2023-12-23	13.49.212.207 (ClassC)
2023-12-28	34.225.127.72 (ClassC)
2024-02-07	54.161.105.65 (ClassC)
2025-01-03	76.223.84.192 (ClassC)
2025-03-30	13.248.158.7 (ClassC)

HTTP/1.1 301 Moved PermanentlyDate: Sun, 27 Aug 2023 09:34:47 GMTConnection: keep-aliveVia: http/1.1 src4.ops.bf1.yahoo.com (ApacheTrafficServer)Server: ATSCache-Control: no-storeContent-Type: text/ht

!DOCTYPE html>html langen-us>  head>    meta http-equivcontent-type contenttext/html; charsetUTF-8>    meta charsetutf-8>    title>Yahoo/title>    meta nameviewport contentwidthdevice-width,initial-scale1,minimal-ui>    meta http-equivX-UA-Compatible contentIEedge,chrome1>    style>      html {          height: 100%;      }      body {          background: #fafafc url(https://s.yimg.com/nn/img/sad-panda-201402200631.png) 50% 50%;          background-size: cover;          height: 100%;          text-align: center;          font: 300 18px helvetica neue, helvetica, verdana, tahoma, arial, sans-serif;          margin: 0;      }      table {          height: 100%;          width: 100%;          table-layout: fixed;          border-collapse: collapse;          border-spacing: 0;          border: none;      }      h1 {          font-size: 42px;          font-weight: 400;          color: #400090;      }      p {          color: #1A1A1A;      }      #message-1 {          font-weight: bold;          margin: 0;      }      #message-2 {          display: inline-block;          *display: inline;          zoom: 1;          max-width: 17em;          _width: 17em;      }      /style>      script>            /script>  /head>  body>  !-- status code : 301 -->  !-- Could not process this request -->  !-- host machine: src4.ops.bf1.yahoo.com -->  !-- timestamp: 1693128887.442 -->  !-- url: http://yahoogroups.com/-->  script typetext/javascript>    function buildUrl(url, parameters){      var qs  ;      for(var key in parameters) {        var value  parameterskey;        qs.push(encodeURIComponent(key) +  + encodeURIComponent(value));      }      url  url + ? + qs.join(&);      return url;    }    function generateBRBMarkup(site) {      params.source  brb;      generateBeaconMarkup(params);      var englishHeader  Will be right back...;      var englishMessage1  Thank you for your patience.;      var englishMessage2  Our engineers are working quickly to resolve the issue.;      var defaultLogoStyle  ;      var siteDataMap  {

Subdomains

Date	Domain	IP
www.yahoogroups.com	2013-12-25	98.139.239.180

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

Domain > yahoogroups.com

Is this malicious?

Files that talk to yahoogroups.com

Whois

DNS Resolutions

Port 80

Subdomains