Domain > evcs-crl.ws.symantec.com

More information on this domain is in AlienVault OTX

Is this malicious?

Files that talk to evcs-crl.ws.symantec.com

MD5	A/V
76729286509909b810aae77907c75413	[Artemis!767292865099] [TROJ_GE.A43B570E]
0861028d352941c03dca3fe7be6789ef	[Worm.Rebhip.r4] [Trojan.Injector.Win32.221782] [Trojan.Win32.Injector.bxcaug] [Trojan.Zbot] [UnclassifiedMalware] [BehavesLike.Win32.Backdoor.gc] [Win32.Troj.Undef.(kcloud)] [Worm:Win32/Rebhip.A] [PWSZbot-FACM!0861028D3529] [Trojan.MSIL.Injector.bYN] [Win32.SuspectCrc] [MSIL/Injector.PE!tr] [Inject.AJQR] [Win32/Trojan.734]
64aef8226ad0e18df4a5b7d0e1cbb4c7
07a57b6581490bbc9f3da1e3ce34c341
4f2dac9d2500387d24faf05c5222a1d3
9d04eb2620e034d2f7b061cc5a5ed457	[W32.HfsIframe.C3e1]
761728c46a64d588890643438ef3afa2
56289cce147148a4d854dfea6ba3e2db
121dc9da8632b649cd99d10f79045793
2a2647dcaafe304f6143074a475189d5	[Artemis!2A2647DCAAFE] [Malware.AJILI] [Luhe.Fiha.A]
02561efbc06fc00ebe8b7faddb254f94
a9e0be1b184cd1bbae365accd66a2893	[Artemis!A9E0BE1B184C] [DLOADER.Trojan] [Heuristic.BehavesLike.Win32.Suspicious-PKR.S]
87867ef4ca9163f3104eaec672ad4288	[Artemis!87867EF4CA91] [WS.Reputation.1] [Malware] [Win.Trojan.Qhost-1813] [PUP/Win32.Helper]
afa6f6165bb637dadda656c9cb86f920	[W32/A-ef3a91e1!Eldorado]
78274f866570cfcb5b12471b2a525ac3	[W32.HfsAutoB.0fab] [Trojan/W32.KRBanker.21642] [TrojanProxy.Potukorp.r2] [Artemis!78274F866570] [Trojan.Qhost!2YNGuQoJWPc] [Trojan.Win32.NSPM.cyvvtf] [PE:Backdoor.Win32.Obfuscator.bl!1075339587] [Heuristic.LooksLike.Win32.Suspicious.C] [Mal/Behav-160] [TrojanProxy:Win32/Potukorp.A] [Trojan/Win32.Banki] [W32/Trojan.SHNZ-5798] [Trojan.Win32.Banker.bOW] [Win32.Backdoor.Obfuscator.Aglb] [Trojan-Proxy] [W32/Qhost_Banker.OW!tr] [Proxy.BDAM] [Trj/CI.A] [Suspicious.Cloud.5]
4a3530ed68e64f411cd0b66cc98ef058	[Artemis!4A3530ED68E6] [Trojan.Downloader.cn] [WS.Reputation.1] [Startpage.ITJD] [Trojan.Win32.Badur.gcyr] [Heuristic.BehavesLike.Win32.Suspicious-PKR.S] [Win32.Troj.Badur.gc.(kcloud)] [PUP/Win32.StartPage] [Trojan.NSIS] [W32/Badur.GCYR!tr] [SHeur4.ALHH]
216334af4d221420e771ccadb0dc0c6a	[Artemis!216334AF4D22] [PUP.Optional.Meinv] [TR/Dldr.Megone.tga] [TrojanDownloader:Win32/Hicrazyk.A] [NSIS/TrojanDownloader.Grinidou.F] [Trojan-Downloader.Win32.Hicrazyk] [W32/StartPage.NY!tr] [Trojan.NSIS.Grinidou.F]
1caf820f3d70a93a4d27bba92eaf3339	[Artemis!1CAF820F3D70] [DLOADER.Trojan] [Heuristic.BehavesLike.Win32.Suspicious-PKR.S] [Trojan:Win32/Comroki]
20e1869be2d72209912aafb1e4924726	[Trojan/W32.KRBanker.28160.G] [Trojan-Spy.Win32.Zbot!O] [TrojanSpy.Zbot.r4] [Spyware.Zbot.JWZ] [W32/Heuristic-210!Eldorado] [TROJ_FORUCON.BMC] [Trojan.Win32.Zbot.cxbdqz] [Trojan.Win32.A.Zbot.28160.D] [TrojWare.Win32.Injector.cej] [Trojan.Packed.22856] [Heuristic.LooksLike.Win32.Suspicious.C!86] [Mal/Dropper-AB] [Trojan/Hijacker.lc] [TrojanProxy:Win32/Potukorp.A] [Win-Trojan/Banki.28160] [Trj/CI.A] [PE:Trojan.Win32.Injector.fo!1075351907] [Trojan-Spy.Win32.Zbot] [W32/Injector.ZBT!tr] [Pakes_c.BPIV] [Trojan.Win32.Zbot.AF]
a17f71684883c039de826b2e42644dc0

Whois

Property	Value
Name	Domain Manager
Organization	SymantecCorporation
Email	domains@symantec.com
Address	350EllisStreet
Zip Code	94043
City	MountainView
State	CA
Country	US
Phone	+1.6505278000
Fax	+1.6505278000
NameServer	pdns5.ultradns.info
Created	1992-11-24 05:00:00
Changed	2014-11-19 11:28:31
Expires	2015-11-23 00:00:00
Registrar	CSC CORPORATE DOMAIN

DNS Resolutions

Date	IP Address
2013-04-01	199.7.55.190 (ClassC)
2013-04-01	199.7.59.190 (ClassC)
2013-05-16	199.7.51.190 (ClassC)
2013-05-16	199.7.52.190 (ClassC)
2013-07-09	23.55.149.163 (ClassC)
2013-07-12	23.35.165.163 (ClassC)
2013-07-18	2.22.133.163 (ClassC)
2013-10-11	23.61.181.163 (ClassC)
2013-10-19	23.60.133.163 (ClassC)
2013-10-23	23.61.69.163 (ClassC)
2013-10-25	23.36.149.163 (ClassC)
2013-10-25	23.37.37.163 (ClassC)
2013-12-07	23.65.5.163 (ClassC)
2014-02-09	23.51.117.163 (ClassC)
2014-02-21	23.4.37.163 (ClassC)
2014-03-15	23.50.69.163 (ClassC)
2014-04-15	23.52.53.163 (ClassC)
2014-04-17	23.5.245.163 (ClassC)
2014-05-22	23.13.165.163 (ClassC)
2014-06-12	23.64.165.163 (ClassC)
2014-06-23	23.5.5.163 (ClassC)
2014-06-23	23.7.133.163 (ClassC)
2014-06-27	23.5.5.163 (ClassC)
2014-07-20	23.7.69.163 (ClassC)
2014-07-21	23.9.85.163 (ClassC)
2014-09-10	23.7.133.163 (ClassC)
2014-10-14	23.37.37.163 (ClassC)
2014-10-17	23.53.181.163 (ClassC)
2014-10-23	23.5.245.163 (ClassC)
2015-08-14	23.49.133.163 (ClassC)
2016-03-29	23.9.117.163 (ClassC)
2016-07-27	23.4.181.163 (ClassC)
2017-06-19	23.15.149.163 (ClassC)
2017-09-08	23.63.133.163 (ClassC)
2017-09-29	23.46.117.163 (ClassC)
2018-03-21	23.37.165.163 (ClassC)
2018-04-01	23.54.181.163 (ClassC)
2018-05-08	23.43.69.163 (ClassC)
2018-05-12	23.4.53.163 (ClassC)
2019-05-28	93.184.220.29 (ClassC)
2019-11-10	117.18.237.29 (ClassC)
2020-12-31	72.21.91.29 (ClassC)
2023-03-01	192.229.221.95 (ClassC)
2024-12-22	192.229.211.108 (ClassC)
2025-03-01	23.221.103.101 (ClassC)
2025-05-18	23.198.106.123 (ClassC)
2025-06-05	23.196.145.101 (ClassC)

Subdomains

Date	Domain	IP
ncw-01.symantec.com	2024-12-12	35.190.72.88
fe0001.symantec.com	2014-11-17	184.50.238.8
mrs-uat-tus1.symantec.com	2025-05-17	34.107.142.185
ns2.symantec.com	2025-05-26	204.74.109.1
shasta-rrs-sim-43.symantec.com	2025-05-26	35.190.125.30
ns4.symantec.com	2025-05-12	199.7.68.1
icd-schema.symantec.com	2025-05-12	35.227.208.79
test-inquira.symantec.com	2015-04-07	63.236.252.176
shasta-rrs-beta.symantec.com	2025-05-26	35.190.125.30
sec.symantec.com	2025-06-02	34.8.226.100
kbdownload.symantec.com	2014-02-27	165.254.155.115
esdownload.symantec.com	2014-11-20	205.185.206.155
entced.symantec.com	2025-05-27	192.19.145.20
gold.symantec.com	2016-03-17	107.20.174.202
activate.atpcloud.symantec.com	2019-10-15	13.224.29.53
securitycloud.symantec.com	2025-04-28	34.117.90.54
usea1.r3.securitycloud.symantec.com	2025-01-22	34.117.32.246
us.spoc.securitycloud.symantec.com	2025-05-04	34.117.217.74
sepc.securitycloud.symantec.com	2025-06-02	35.186.217.224
us-mc1.sepmobile.securitycloud.symantec.com	2025-05-17	34.98.100.43
mitm2.sepmobile.securitycloud.symantec.com	2024-12-22	152.199.4.152
aad.sepmobile.securitycloud.symantec.com	2025-05-13	34.120.129.121
apkdownload.sepmobile.securitycloud.symantec.com	2025-05-28	34.120.129.121
api.sepmobile.securitycloud.symantec.com	2025-05-25	34.120.129.121
us-mc1-api.sepmobile.securitycloud.symantec.com	2025-04-10	34.98.100.43
mdm.sepmobile.securitycloud.symantec.com	2025-05-12	34.120.129.121
mitm.sepmobile.securitycloud.symantec.com	2024-12-03	152.195.19.241
cdn.sepmobile.securitycloud.symantec.com	2024-12-12	152.195.19.241
demo.sepmobile.securitycloud.symantec.com	2025-05-25	34.120.129.121
mdatp.sepmobile.securitycloud.symantec.com	2025-06-04	34.120.129.121
incidents.sepmobile.securitycloud.symantec.com	2023-09-25	34.117.234.137
mgmt.sepmobile.securitycloud.symantec.com	2025-05-12	34.120.129.121
sep.in.securitycloud.symantec.com	2025-05-12	35.186.232.85
sep.securitycloud.symantec.com	2025-05-31	35.186.217.224
uep.securitycloud.symantec.com	2019-10-12	52.45.217.119
scwp.securitycloud.symantec.com	2025-05-31	34.117.32.246
bds.securitycloud.symantec.com	2025-05-29	34.117.32.246
us.securitycloud.symantec.com	2025-05-06	34.117.90.54
eu.securitycloud.symantec.com	2025-05-01	34.117.90.54
sep.eu.securitycloud.symantec.com	2025-05-12	34.111.33.195
clicktime.symantec.com	2025-05-31	54.185.0.191
www-secure.symantec.com	2025-05-12	172.64.150.145
securityresponse.symantec.com	2014-12-31	165.254.207.80

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]