Domain > rzal.pl

More information on this domain is in AlienVault OTX

Reports

http://www.malware-traffic-analysis.net/2015/09/02...

https://otx.alienvault.com/pulse/55e819e767db8c2de...

Files that talk to rzal.pl

MD5	A/V
99df44fd0000ff1d7a810b5012ef06b0	[Win32/Filecoder.EM]
9cd70299c5f16642411c241c6dab45bd	[HW32.Packed.E546]
35334f1fcb9d9350eb6e49b234372b5a	[HW32.Packed.A975]
92e6e23de4e8d594aed40fd9847ff1fd
ffa1a998dceeec83f078c0527038e8d7	[Trojan.Filecoder!U/t4sCtUKr8] [Trojan.Cryptolocker.N] [Win32/Filecoder.EM] [Trojan.Win32.MulDrop6.dwnqsi] [Trojan.MulDrop6.4658] [Trojan.Filecoder.Win32.778] [W32/Trojan.LSBV-1361] [Ransom:Win32/Tescrypt!rfn] [Trojan/Win32.Teslacrypt] [W32/Filecoder.EM!tr] [FileCryptor.DKM] [Trojan.Win32.Filecoder.EM]
7902f2c1d0ef5353d6ddf1f551a68a2d	[HW32.Packed.9976] [Trojan.TeslaCrypt] [Trojan.Cryptolocker.N] [Win32/Filecoder.EM] [TROJ_CRYPTESLA.CC] [Win32.Trojan.Crypt.Agba] [TROJ_CRYPTESLA.CC] [RDN/Ransom] [TR/Crypt.ZPACK.54367] [Ransom:Win32/Tescrypt.A] [Trojan/Win32.Netcurs] [RDN/Ransom] [Trj/CI.A] [Trojan.Win32.Filecoder] [W32/CRYPTESLA.CC!tr] [FileCryptor.DFF] [Trojan.Win32.Filecoder.EM]
cfd7fe7b563971e20920f840d8f9619f	[HW32.Packed.D28B] [Trojan.TeslaCrypt] [Trojan-Ransom.Win32.Bitman.yr] [Troj/Ransom-BGJ] [Trojan.DownLoader16.4942] [TR/Crypt.ZPACK.55171] [W32/Kryptik.8C4B!tr] [Ransom:Win32/Tescrypt.A] [Trojan/Win32.Tescrypt] [TeslaCrypt!CFD7FE7B5639] [Trojan.Win32.Ransom.yr] [Trojan.Win32.Crypt] [Crypt4.CDMN]

Whois

Property	Value
NameServer	ns2.zenbox.pl
Created	2006.05.04 11:07:29
Changed	2015.04.14 17:31:51
Expires	2016.05.04 11:07:29
Registrar	Consulting Service S

DNS Resolutions

Date	IP Address
2018-08-03	104.24.120.114 (ClassC)
2018-08-03	104.24.121.114 (ClassC)
2019-09-06	185.23.21.12 (ClassC)
2021-02-28	185.23.21.96 (ClassC)
2024-11-19	185.253.212.22 (ClassC)

Port 80

HTTP/1.1 403 ForbiddenConnection: closeCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Server: Apache/2.2.16 (Debian)Content-Length: 13773

!DOCTYPE HTML>html langen-US>    head>        meta charsetUTF-8 />        meta http-equivcontent-type contenttext/html; charsetutf-8 />meta namerobots contentnoindex, nofollow />meta namekeywords    contentjoomla, Joomla, joomla 1.5, wordpress 2.5, Drupal />meta namedescription contentJoomla! />meta namegenerator    contentJoomla! 1.5 - Open Source Content Management />meta namegenerator contentWordPress 2.5 />        meta http-equivContent-Type contenttext/html;charsetUTF-8 />        meta nameviewport contentwidthdevice-width, initial-scale1, maximum-scale1 />        title>Waiting for the redirectiron.../title>        style typetext/css>            body {background-color: #ffffff; font-family: Helvetica Neue, Helvetica,Arial,sans-serif;}            html, body {width: 100%; height: 100%; margin: 0; padding: 0;}            span {color: #878787; font-size: 12pt;  text-align: center;}            h1 {color: #878787; font-size: 18pt; text-align: center;}            .link {margin-top: 40px;}            .sk-circle {margin: 80px auto;width: 100px;height: 100px;position: relative;}            .sk-circle .sk-child {width: 100%;height: 100%;position: absolute;left: 0;top: 0;}            .sk-circle .sk-child:before {content: ;display: block;margin: 0 auto;width: 15%;height: 15%;background-color: #666666;border-radius: 100%;-webkit-animation: sk-circleBounceDelay 1.2s infinite ease-in-out both;animation: sk-circleBounceDelay 1.2s infinite ease-in-out both;}            .sk-circle .sk-circle2 {-webkit-transform: rotate(30deg);-ms-transform: rotate(30deg);transform: rotate(30deg); }            .sk-circle .sk-circle3 {-webkit-transform: rotate(60deg);-ms-transform: rotate(60deg);transform: rotate(60deg); }            .sk-circle .sk-circle4 {-webkit-transform: rotate(90deg);-ms-transform: rotate(90deg);transform: rotate(90deg); }            .sk-circle .sk-circle5 {-webkit-transform: rotate(120deg);-ms-transform: rotate(120deg);transform: rotate(120deg); }            .sk-circle .sk-circle6 {-webkit-transform: rotate(150deg);-ms-tra

Subdomains

Date	Domain	IP
mx10.rzal.pl	2024-11-02	185.253.212.22
mail2.rzal.pl	2024-09-13	185.253.212.22
ns2.rzal.pl	2024-11-12	185.253.212.22
mx2.rzal.pl	2024-11-02	185.253.212.22
mail5.rzal.pl	2024-10-18	185.253.212.22
mail6.rzal.pl	2024-10-16	185.253.212.22
nasza-klasa.rzal.pl	2024-09-13	185.253.212.22
home.rzal.pl	2024-11-02	185.253.212.22
mail.rzal.pl	2024-11-02	185.253.212.22
antispam.rzal.pl	2024-09-13	185.253.212.22
correo.rzal.pl	2024-09-13	185.253.212.22
pop.rzal.pl	2024-11-02	185.253.212.22
mailsrv.rzal.pl	2024-11-14	185.253.212.22
mx.rzal.pl	2024-11-02	185.253.212.22
mailrelay.rzal.pl	2024-09-13	185.253.212.22

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]