Domain > gammus.com
Reports
http://blog.dynamoo.com/2015/12/malware-spam-unpai...
http://vxvault.net/ViriList.php
https://otx.alienvault.com/pulse/5671e2da4637f2563...
https://otx.alienvault.com/pulse/56c374ab67db8c125...
Files that talk to gammus.com
Whois
Email: ballin@gammus.com
NameServer: DNS2.MIKYMAUS.IN
Created: 2015-12-11 00:00:00
Changed: 2015-12-11 00:00:00
Expires: 2016-12-11 00:00:00
Registrar: GUANGDONG NAISINIKE
DNS Resolutions
Port 80
HTTP/1.1 301 Moved Permanently
Server: openresty/1.13.6.2
Date: Tue, 02 Jul 2019 21:47:46 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORI

<html><body>You are being <a href="https://gammus.com/">redirected</a>.</body></html>
Port 443
HTTP/1.1 200 OK
Server: openresty/1.13.6.2
Date: Tue, 02 Jul 2019 21:47:47 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-XSS-Protec
Data with thanks to AlienVault OTX, VirusTotal, Malwr and others.