Domain > copy.com

More information on this domain is in AlienVault OTX

Reports

http://www.clearskysec.com/dustysky/

https://otx.alienvault.com/pulse/568e917967db8c057...

Files that talk to copy.com

MD5	A/V
77a4aa9a892900856033e330fd6eea45
87dbc9aac324b434558266c05f324217	[TrojanDownloader.JS.r4] [RDN/Downloader.a!qj] [Trojan.RA-based!mts/RlSxtb8] [WS.Reputation.1] [Win32/VB.WBcMSHC] [TROJ_DROPPE.YYXT] [Trojan-Downloader.JS.Small.ps] [JS.A.Small.127319] [SCRIPT.Virus] [TR/Visucius.119] [Trj/CI.A] [Win32/RA-based.NAW] [Trojan-Spy.Zbot] [JS/Small.NAW!tr.dldr] [Trojan.JS.Downloader.ahsa] [Win32/Trojan.Downloader.a9a]
6c5c36f11862a7781f2afad43c052843	[Artemis!6C5C36F11862] [WS.Reputation.1] [TROJ_SPNV.03D214] [Trojan-Downloader.JS.Small.ps] [UnclassifiedMalware] [SCRIPT.Virus] [Heuristic.BehavesLike.Win32.Suspicious-PKR.G] [Win32/RA-based.NAW] [W32/RA_based.NAW!tr] [Trojan.JS.Downloader.AG] [Win32/Trojan.Downloader.a9a]
b5f63e79903d39e9d4831d249654981a	[RDN/PWS-Banker.dldr!g] [Trojan.Win32.Badur.cubwxj] [TrojWare.Win32.Delf.ebs] [Trojan.DownLoader9.40604] [Trojan/Win32.Downloader] [Trj/dtcontx.L] [PE:Trojan.Banload!6.1270] [Trojan-Dropper.Delf] [W32/Delf.RQV!tr.dldr] [Win32/DH{ICQiJVdO}] [Trojan.Win32.Delf.RQV]
8bb9d1b8bf19d333fc82b073f70f72f4
1457d1dcad83198505bbc6c59125b235	[Riskware] [Trojan.Win32.Scar.bypouk] [Trojan.Win32.Scar.hqtx] [Trojan.Scar!kHLHfkt40Dg] [UnclassifiedMalware] [TR/Kilim.C.4] [Heuristic.LooksLike.Win32.Suspicious.B] [Trojan/Win32.Scar] [W32/Trojan.OLGW-9305] [Trojan.Scar] [W32/Scar.HQTX!tr]
4f2fa37969f3837eba837ab10682c9b5	[Artemis!4F2FA37969F3] [Posible_Worm32] [WS.Reputation.1] [Trojan-Downloader.JS.Small.ps] [Heuristic.BehavesLike.Win32.Suspicious-PKR.G] [Trojan.JS.Downloader.ACR] [Win32/RA-based.NAW] [W32/RA_based.NAW!tr]
359923bda4d5fef7137a9ff933a4570f
324e4807229f820fd346142161818ef3	[PossibleThreat.SB!tr]
3ea1e7c26047f6df9cc034ae4acf88cc
fb7da857ab5555734f862b5dd746c620	[Artemis!FB7DA857AB55] [WS.Reputation.1] [BehavesLike.Win32.Trojan.gc] [Virus.Win32.Heur.l]
e5294340d07abd7f86a690a5f1b0053a	[RDN/Downloader.a!pv] [Trojan.Dropper.SFX] [Trojan.RA-based!TQtkdAFAcCs] [WS.Reputation.1] [Trojan-Downloader.JS.Small.ps] [UnclassifiedMalware] [SCRIPT.Virus] [TR/Visucius.8] [Heuristic.BehavesLike.Win32.Suspicious-PKR.G] [TrojanDownloader.JS.Small] [Trojan.JS.Downloader.athy] [Win32/RA-based.NAW] [JS/Small.NAW!tr.dldr] [Trj/CI.A]
8e709d95713b873b5dccb7d62fc2e77b
6f6d56466b65c76d586d5a35433a74e6
5e320d401ab416a63ee11422495107d0	[Trojan.Dropper]
7de11e8baba2bc7d67959b97bb12d83a
6578dad52399f7feaffe1e55aaf11d59	[MSIL/Small.UF!tr.dldr]
84e7f824725d2cd8de13d8c4a52adae6
6aa5bca10373ed1cc270e025458a0588
a6c4e99dffe7ac3ad21938fe93056abb

Whois

Property	Value
Name	Barracuda Hostmaster
Organization	Barracuda Networks Inc
Email	hostmaster@barracuda.com
Address	3175 Winchester Blvd
Zip Code	95008
City	Campbell
State	CA
Country	US
Phone	+1.4083425400
Fax	+1.4083421061
NameServer	NS2.P23.DYNECT.NET
Created	1995-02-16 05:00:00
Changed	2015-02-26 20:45:02
Expires	2016-02-17 00:00:00
Registrar	Domain.com, LLC

DNS Resolutions

Date	IP Address
2013-05-18	64.235.151.10 (ClassC)
2013-05-31	64.235.151.14 (ClassC)
2013-05-31	64.235.151.6 (ClassC)
2013-06-02	64.235.151.13 (ClassC)
2013-06-02	64.235.151.11 (ClassC)
2013-06-03	64.235.151.17 (ClassC)
2013-06-06	64.235.151.19 (ClassC)
2013-06-06	64.235.154.165 (ClassC)
2013-06-10	64.235.151.15 (ClassC)
2013-06-12	64.235.151.18 (ClassC)
2013-06-12	64.235.151.16 (ClassC)
2013-08-28	64.235.151.34 (ClassC)
2013-10-15	64.235.154.173 (ClassC)
2013-10-15	64.235.154.174 (ClassC)
2013-10-15	64.235.154.176 (ClassC)
2013-10-15	64.235.151.36 (ClassC)
2013-10-15	64.235.154.172 (ClassC)
2013-10-16	64.235.154.177 (ClassC)
2013-10-19	64.235.151.34 (ClassC)
2013-10-19	64.235.151.32 (ClassC)
2013-10-19	64.235.151.35 (ClassC)
2013-10-19	64.235.154.175 (ClassC)
2013-10-19	64.235.151.33 (ClassC)
2013-11-02	64.235.151.41 (ClassC)
2013-11-02	64.235.151.40 (ClassC)
2013-11-03	64.235.151.39 (ClassC)
2013-11-07	64.235.151.42 (ClassC)
2013-11-30	64.235.151.4 (ClassC)
2013-11-30	64.235.151.9 (ClassC)
2013-11-30	64.235.151.29 (ClassC)
2013-12-13	64.235.151.45 (ClassC)
2013-12-13	64.235.151.46 (ClassC)
2013-12-16	64.235.151.47 (ClassC)
2013-12-22	64.235.151.44 (ClassC)
2013-12-26	64.235.151.52 (ClassC)
2013-12-26	64.235.151.25 (ClassC)
2013-12-26	64.235.151.51 (ClassC)
2013-12-27	64.235.151.43 (ClassC)
2014-04-05	64.235.151.32 (ClassC)
2014-05-06	64.235.151.39 (ClassC)
2014-05-07	66.96.161.160 (ClassC)
2014-05-31	64.235.151.41 (ClassC)
2014-07-21	64.235.151.45 (ClassC)
2014-10-15	64.235.151.36 (ClassC)
2014-10-23	64.235.151.33 (ClassC)
2015-09-01	64.235.153.67 (ClassC)
2015-09-08	64.235.153.68 (ClassC)
2015-09-15	64.235.153.72 (ClassC)
2015-09-29	64.235.153.66 (ClassC)
2016-08-07	69.58.186.114 (ClassC)
2016-12-01	216.87.148.114 (ClassC)
2018-03-28	45.79.181.179 (ClassC)
2019-05-15	35.192.143.62 (ClassC)
2020-06-28	104.18.39.88 (ClassC)
2020-11-18	104.18.38.88 (ClassC)
2025-04-19	104.21.39.72 (ClassC)
2025-05-12	172.67.143.166 (ClassC)

HTTP/1.1 200 OKDate: Sun, 28 Jul 2019 14:11:07 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveSet-Cookie: __cfduidded760f5e8732d72a906fb3c731d635931564323067; expiresMon, 27

!DOCTYPE html>html langen>  head>    meta charsetutf-8>    meta http-equivX-UA-Compatible contentIEedge>    meta nameviewport contentwidthdevice-width, initial-scale1>    title>Copy.com/title>    link hrefhttps://fonts.googleapis.com/css?familyLato:400,300,700 relstylesheet typetext/css>    link hrefnormalize.css relstylesheet>    link href_index.css relstylesheet>    link relshortcut icon typeimage/x-icon hrefhttps://www.copy.com/favicon.ico>    !-- Global site tag (gtag.js) - Google Analytics -->    script async srchttps://www.googletagmanager.com/gtag/js?idUA-120165894-1>/script>    script>      window.dataLayer  window.dataLayer || ;      function gtag(){dataLayer.push(arguments);}      gtag(js, new Date());      gtag(config, UA-120165894-1);/script>  /head>  body>    div idbg>      div idcopy_logo>img srccopy_at_barracuda.svg altCopy © />/div>      div idhero>        div idheader stylemargin-bottom: 15px; max-width: none;>Copy has been discontinued/div>        div idcontent stylewidth: 400px; margin: 20px 0 40px 0;>          div classcontent_align>            p>              Copy was discontinued on May 1, 2016.            /p>          /div>        /div>      /div>    /div>  /body>/html>

Subdomains

Date	Domain	IP
notification.copy.com	2015-03-24	54.237.217.91

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

Domain > copy.com

Is this malicious?

Reports

Files that talk to copy.com

Whois

DNS Resolutions

Port 80

Port 443

Subdomains