Domain > riv710.vicp.cc

More information on this domain is in AlienVault OTX

Files that talk to riv710.vicp.cc

MD5	A/V
d20dcf860a03700ade7d3365d9aaf4e3	[W32/Trojan.FFQB-7547] [Win32/Nitol.PMdeWaB] [Win.Trojan.Microfake-3] [Trojan.PWS.Gamania.44384] [W32/SDBot.BX!tr] [Trojan.Win32.ServStart] [RDN/Sdbot.worm!bx] [DDoS*Win32/Nitol.A] [Backd]
5d46127361c95820e83a2847aa2bf4b2	[W32/Trojan.RUPV-5882] [Win32/Nitol.PMdeWaB] [Win.Trojan.Microfake-3] [Trojan.PWS.Gamania.44384] [W32/SDBot.BX!tr] [Trojan.Win32.ServStart] [RDN/Sdbot.worm!bx] [DDoS*Win32/Nitol.A] [Backdoor.Overie!486D] [Mal/Behav-004] [Trojan.Lapka] [TROJ_NITOL.SMN1] [Rootkit.Lapka]
cb0eb11eb2988f0241b9c5a7b3ab6136	[W32/Trojan.SGQF-3145] [Trojan.PWS.Gamania.43032] [Win32/ServStart.EQ] [W32/ServStart.GL!tr] [Trojan.Win32.ServStart] [Trojan.ServStart] [DDoS*Win32/Nitol.A] [Backdoor.Overie!486D] [Mal/Behav-004] [Backdoor.Nitol] [TROJ_NITOL.SMN1] [Trojan.Staser]
4c3e07c6547963788d1a893b38910cd7	[Trojan.Nitol.A] [Trojan-FGAH!F2786695F02A] [Trojan.ServStart] [Posible_Worm32] [Trojan.Win32.Graftor.dcewsz] [W32/Heuristic-114!Eldorado] [Backdoor.Nitol] [TROJ_NITOL.SMN1] [Win.Trojan.Dropped-1488] [Trojan.DownLoader11.21065] [Worm.ServStart.Win32.60] [TROJ_NITOL.SMN1] [BehavesLike.Win32.Dropper.mc] [W32/Heuristic-114!Eldorado] [TR/Graftor.146258] [W32/ServStart.GL!tr] [Dropper/Win32.Dinwod] [DDoS:Win32/Nitol.A] [Win32.Worm.Servstart.Pdms] [Trojan.DOS] [DoS.FEZ] [Win32/Trojan.759]

Whois

Property	Value
Email	cyy@vavic.com
NameServer	NS2.EXHERA.COM
Created	2006-08-03 07:52:52
Changed	2015-04-08 00:40:12
Registrar	WEB COMMERCE COMMUNI

DNS Resolutions

Date	IP Address
2015-02-03	174.128.255.232 (ClassC)
2015-05-15	60.169.53.204 (ClassC)
2015-08-13	60.169.53.62 (ClassC)
2017-09-26	106.75.65.176 (ClassC)
2018-11-21	174.128.255.253 (ClassC)
2019-06-26	174.128.255.245 (ClassC)
2019-07-13	174.128.255.232 (ClassC)
2021-01-06	174.128.255.252 (ClassC)
2024-06-16	0.0.0.0 (ClassC)
2025-03-31	47.111.82.157 (ClassC)
2025-05-28	146.56.248.213 (ClassC)

HTTP/1.1 200 OKServer: nginxDate: Sat, 22 Jun 2019 08:50:20 GMTContent-Type: text/htmlContent-Length: 3854Last-Modified: Wed, 04 Nov 2015 21:47:28 GMTConnection: keep-aliveVary: Accept-EncodingETag: 5

!DOCTYPE html>html>head>meta charsetutf-8 />meta http-equivX-UA-Compatible contentIEEdge,chrome1 />title>很抱歉，您访问的花生壳动态域名不在线，请稍后再尝试访问！/title>link hrefimg/style.css typetext/css relstylesheet />script>location.assign(http://offline-adv.oray.com/?host + location.host);/script>script>  (function(i,s,o,g,r,a,m){iGoogleAnalyticsObjectr;irir||function(){  (ir.qir.q||).push(arguments)},ir.l1*new Date();as.createElement(o),  ms.getElementsByTagName(o)0;a.async1;a.srcg;m.parentNode.insertBefore(a,m)  })(window,document,script,//www.google-analytics.com/analytics.js,ga);  ga(create, UA-42330484-1, auto);  ga(send, pageview);/script>/head>body>div classheader-wrapper>    div classheader>        div classlogo>a hrefhttp://www.oray.com/jump/44063>img srcimg/ph_logo.png >/a>/div>        div classext>很抱歉，您访问的a href http://www.oray.com/jump/43573 target_blank classred>花生壳动态域名/a>span iddomain>/span>不在线，请稍后再尝试访问！/div>    /div>/div>div classcontainer>	ul classclear pic>    	li>a hrefhttp://www.oray.com/jump/43772 target_blank>img src./img/pic_10.jpg border0 />/a>/li>    	li idpic-sl>/li>    	li>a hrefhttp://www.oray.com/jump/44058 target_blank>img src./img/pic_04.jpg border0 />/a>/li>    /ul>        div idad-wrapper classadpic clear styleheight: 520px>    /div>    script typetext/javascript languageJavaScript>	pic  new Array(4);	pic0  a hrefhttp://www.oray.com/jump/44101 target_blank>img src./img/pic_sl-01.png border0 />/a>;	pic1  a hrefhttp://www.oray.com/jump/44102 target_blank>img src./img/pic_sl-02.png border0 />/a>;	pic2  a hrefhttp://www.oray.com/jump/44103 target_blank>img src./img/pic_sl-03.png border0 />/a>;	pic3  a hrefhttp://www.oray.com/jump/44104 target_blank>img src./img/pic_sl-04.png border0 />/a>;	index  Math.floor(Math.random() * pic.length);	document.getElementById(pic-sl).innerHTML  picindex;		document.title  很抱歉，您访问的花生壳动态域名 + location.host + 不在线，请稍后再尝试�

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

Domain > riv710.vicp.cc

Is this malicious?

Files that talk to riv710.vicp.cc

Whois

DNS Resolutions

Port 80