Domain > ftp.sh

More information on this domain is in AlienVault OTX

Files that talk to ftp.sh

MD5	A/V
37c4cad9ac34f77f608d3009f29dec73	[Trojan.MSIL] [Trojan.Win32.Recam.dqngqt]
acdb67f506a8b48c08f3a78d825d3fd2

DNS Resolutions

Date	IP Address
2009-05-29	216.142.65.13 (ClassC)
2011-08-06	85.214.70.156 (ClassC)
2011-09-27	195.140.252.223 (ClassC)
2011-11-02	188.95.50.20 (ClassC)
2011-11-06	188.95.53.70 (ClassC)
2011-12-03	192.162.70.208 (ClassC)
2013-06-01	207.136.100.69 (ClassC)
2013-11-15	209.20.91.20 (ClassC)
2014-05-29	173.230.147.208 (ClassC)
2014-07-02	183.90.187.137 (ClassC)
2024-06-10	69.162.163.32 (ClassC)
2024-08-10	168.235.69.160 (ClassC)
2025-10-16	185.52.1.106 (ClassC)
2026-02-08	217.154.171.182 (ClassC)

HTTP/1.1 200 OKDate: Sat, 26 Aug 2023 15:53:43 GMTServer: ApacheCache-Control: max-age600, must-revalidateX-Frame-Options: SAMEORIGINVary: Accept-EncodingContent-Length: 2211Content-Type: text/html;ch

!DOCTYPE HTML PUBLIC -//W3C//DTD HTML 3.2 Final//EN>html> head>  title>Index of //title> /head> body>h1>Index of //h1>pre>img src/icons/blank.gif altIcon > a href?CN;OD>Name/a>                         a href?CM;OA>Last modified/a>      a href?CS;OA>Size/a>  a href?CD;OA>Description/a>hr>img src/icons/folder.gif altDIR> a hrefapple2/>apple2//a>                      23-Dec-2022 20:52    -   img src/icons/folder.gif altDIR> a hrefbeta/>beta//a>                        14-Jun-2019 08:20    -   img src/icons/folder.gif altDIR> a hrefbooks/>books//a>                       14-Jun-2019 08:20    -   img src/icons/folder.gif altDIR> a hrefelection-voicemails/>election-voicemails//a>         11-Oct-2012 16:33    -   img src/icons/folder.gif altDIR> a hreffirestickTV/>firestickTV//a>                 02-Jan-2021 06:58    -   img src/icons/folder.gif altDIR> a hrefmp3/>mp3//a>                         12-Jul-2023 20:49    -   img src/icons/folder.gif altDIR> a hrefogg/>ogg//a>                         15-Sep-2019 13:46    -   img src/icons/folder.gif altDIR> a hrefrepublican-party-robo-calls/>republican-party-robo-calls//a> 06-Nov-2012 06:24    -   img src/icons/folder.gif altDIR> a hrefrss/>rss//a>                         15-May-2018 10:00    -   img src/icons/folder.gif altDIR> a hrefshockwave/>shockwave//a>                   28-Jul-2017 09:33    -   img src/icons/folder.gif altDIR> a hreftestfile/>testfile//a>                    14-Jun-2019 08:30    -   img src/icons/folder.gif altDIR> a hrefwavs/>wavs//a>                        22-Oct-2019 18:34    -   img src/icons/image2.gif altIMG> a hrefPirateFlag.gif>PirateFlag.gif/a>               06-Jun-2017 05:24  1.3K  img src/icons/image2.gif altIMG> a hrefbug.jpg>bug.jpg/a>                      04-Nov-2015 19:31  3.8K  img src/icons/unknown.gif alt   > a hrefketchup_on_fries_dance.mp4>ketchup_on_fries_dance.mp4/a>   23-Dec-2015 16:17  3.4M  hr>/pre>/body>/html>

Subdomains

Date	Domain	IP
mongostyle.ftp.sh	2026-02-04	109.202.217.188
yahoo.co.jp.ftp.sh	2013-06-05	198.199.75.95
jacks.ftp.sh	2014-12-28	69.197.18.176
books.ftp.sh	2025-02-14	169.150.247.39
rss.ftp.sh	2025-12-17	185.111.111.158

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

Domain > ftp.sh

Is this malicious?

Files that talk to ftp.sh

DNS Resolutions

Port 80

Subdomains