Domain > static.revenyou.com

More information on this domain is in AlienVault OTX

Reports

https://otx.alienvault.com/pulse/56b513384637f20e8...

https://www.carbonblack.com/2016/02/03/apts-may-be...

Files that talk to static.revenyou.com

MD5	A/V
1e7acf5f9ffa8d91ed9e419867cd6388
843e61d945ba7d6b959e63e519b14493	[TROJ_FAKEAV.BMC] [AdWare.iBryte] [Adware/IBryte] [Downloader.NSIS]
5acf522d1d0ffc19b89afbe6fb55c2e2	[MemScan:Application.Bundler.Outbrowse.K] [Trojan-Clicker/W32.OutBrowse.999697] [Artemis!5ACF522D1D0F] [PUP.Optional.OutBrowse] [PUA.OutBrowse!] [not-a-virus:AdWare.Win32.OutBrowse.zq] [Riskware.Win32.OutBrowse.degihs] [Troj.Ransom.W32.PornoAsset] [Win32.Adware.Outbrowse.Szch] [MemScan:Application.Bundler.Outbrowse] [Adware.Downware.5559] [Adware.OutBrowse.Win32.4921] [BehavesLike.Win32.AdwareBetterSurf.dc] [Win32.Troj.OutBrowse.zq.(kcloud)] [AdWare.OutBrowse] [Win32/OutBrowse.X] [Adware.Win32.OutBrowse.aCM] [Win32/Application.c1e]
698cf51b91e7c4759de8245f232abc41	[Trojan.ADH.2] [not-a-virus:Downloader.NSIS.OutBrowse.t] [Adware.Downware.2081] [PUP/Win32.OutBrowse] [Downloader.OutBrowse] [Trojan.Win32.OutBrowse.N] [Win32/OutBrowse.N] [Riskware/OutBrowse] [Trj/CI.A]
5fb65464f4b854c795b067326375dec6
d152ff0fa67595144c861601e605b6e3	[Trojan.Writos]
545e00a63f86bc926f12abeff4b6f55b	[HW32.CDB.08f9] [Trojan.Dropper.WLW] [BackDoor-FBYQ!545E00A63F86] [Trojan.Win32.Simda.cwzntt] [WS.Reputation.1] [Simda.TGZ] [Win32/Simda.fGXWUID] [Backdoor.Win32.Simda.acni] [Backdoor.Simda!fVXCs6GH0vg] [Trojan.Rodricter.153] [TR/Drop.WLW] [Troj/Medfos-GA] [Trojan[Backdoor]/Win32.Simda] [Backdoor:Win32/Simda.AT] [Trojan/Win32.Simda] [Malware-Cryptor.ImgChk] [Win32/Simda.B] [PE:Malware.XPACK-LNR/Heur!1.5594] [Backdoor.Win32.Simda] [Simda.MF] [Trojan.Win32.Simda.B]
547349954b279b38b5834477e1541fa0	[Trojan-Clicker/W32.OutBrowse.726922] [Artemis!547349954B27] [PUP.Optional.OutBrowse] [Trojan.Win32.OutBrowse.deinil] [WS.Reputation.1] [TROJ_SPNR.08IN14] [not-a-virus:AdWare.Win32.OutBrowse.bcm] [PUA.OutBrowse!] [Win32.Adware.Outbrowse.Suxn] [Trojan.Packed.28662] [Adware.OutBrowse.Win32.9140] [BehavesLike.Win32.AdwareBetterSurf.bc] [Win32.Troj.OutBrowse.b.(kcloud)] [AdWare.OutBrowse] [Adware.Win32.OutBrowse.aa]
c043859346d5a163ec9a6961a6122ef1
29d383c339a6fce435518106f0d93200
5c6038cd758025f0691a781f7018e714	[Dropped:Application.OutBrowse.B] [PUP.Optional.OutBrowse.A] [WS.Reputation.1] [not-a-virus:Downloader.NSIS.OutBrowse.u] [Adware.Downware.2081] [Adware/Downware.ertt] [PUP/Win32.OutBrowse] [Downloader.OutBrowse] [Hacktool.Win32.OutBrowse.aCMK] [Win32/OutBrowse.N] [Riskware/OutBrowse] [Trj/CI.A] [Win32/Virus.Downloader.103]
7a6bb20ed97c7a95548a0c45123ca94a
ff005c9c52ef8abe5956903e69bf6efc	[MemScan:Application.Bundler.Outbrowse.E] [Artemis!FF005C9C52EF] [Trojan.ADH.2] [MemScan:Application.Bundler.Outbrowse] [Adware.Downware.3973] [Trj/OCJ.F] [Adware.Win32.OutBrowse.bS] [Win32/Virus.Downloader.277]
9a7aff45b593b23ac88c539942aed673	[HW32.CDB.68c6] [Trojan/Simda.b] [Backdoor.Simda!SxYzw8llsdk] [Backdoor.Tidserv] [Simda.THI] [Win32/Simda.LcIYVbC] [Backdoor.Win32.Simda.aclt] [Trojan.Win32.Simda.cwfyte] [Mal/Kryptik-E] [TrojWare.Win32.Simda.ATX] [Trojan.Rodricter.153] [Backdoor:Win32/Simda.AT] [Trojan/Win32.Ransomlock] [Virus.Win32.Heur.i] [Malware-Cryptor.ImgChk] [Trj/dtcontx.L] [Win32/Simda.B] [PE:Malware.XPACK-HIE/Heur!1.9C48] [W32/Simda.ACLW!tr.bdr] [Simda.LG]
1f3230146c029f36f2eca16fab53a733	[Dropped:Application.OutBrowse.B] [WS.Reputation.1] [ADW_OUTBROWSE] [not-a-virus:Downloader.NSIS.OutBrowse.t] [Adware.Downware.2081] [PUP/Win32.OutBrowse] [Win32/OutBrowse.N] [Downloader.OutBrowse] [Trj/CI.A] [Dropper] [Riskware/OutBrowse] [Hacktool.Win32.OutBrowse.aThC] [Win32/Application.3cb]
3f59d65102df78f57bd6fd491186b247	[Dropped:Application.OutBrowse.B] [Artemis!3F59D65102DF] [Trojan.ADH.2] [not-a-virus:Downloader.NSIS.OutBrowse.t] [Adware.Downware.2081] [PUP/Win32.OutBrowse] [Win32/OutBrowse.N] [Riskware/OutBrowse] [Hacktool.Win32.OutBrowse.ag] [Win32/Application.3cb]
4c414cfcb4ec2bfe2f520315e80ebbd5	[TROJ_GE.5C6F1877] [not-a-virus:Downloader.NSIS.OutBrowse.o] [Adware.Downware.2081] [Win32/OutBrowse.J]
cde15e16ecb3014ff51e03ded4ada4dd	[PUP.Optional.OutBrowse] [Trojan.Win32.OutBrowse.csrlza] [Adware.Adpopup] [TROJ_GE.D4A3A3C9] [not-a-virus:Downloader.NSIS.OutBrowse.b] [PUA.OutBrowse!] [OutBrowse] [Adware.Downware.1770] [RiskWare[Downloader:not-a-virus]/NSIS.OutBrowse] [Downloader.OutBrowse] [not-a-virus:Downloader.NSIS] [Riskware/NSIS_OutBrowse] [MalSign.OutBrowse.6F3]
b8d58424a09ea4b8d623100a2d1501f3	[Artemis!B8D58424A09E] [PUP.Optional.Smart] [Trojan.Win32.OutBrowse.comdxt] [not-a-virus:Downloader.NSIS.OutBrowse.b] [Application.Win32.OutBrowse.~B] [Adware.Downware.1676] [Downloader/NSIS.OutBrowse] [VIRUS_UNKNOWN] [PUP/Win32.OutBrowse] [Downloader.OutBrowse] [Riskware/NSIS_OutBrowse] [HackTool.Win32.OutBrowse.AfF]
f14b7ea91d08b2cbb38d667e6697ed5b	[MemScan:Application.Bundler.Outbrowse.E] [Artemis!F14B7EA91D08] [PUP.Optional.OutBrowse] [Trojan.Nsis.Download.dcbgnj] [Trojan!9d14] [WS.Reputation.1] [PUA.OutBrowse!] [MemScan:Application.Bundler.Outbrowse] [BehavesLike.Win32.AdwareBetterSurf.dc] [PUP/Win32.OutBrowse] [Trj/CI.A] [Win32/OutBrowse.S] [AdLoad.G] [Adware.Win32.OutBrowse.bS]

Whois

Property	Value
NameServer	NS44.DOMAINCONTROL.COM
Created	2012-10-05 00:00:00
Changed	2015-04-29 00:00:00
Expires	2019-10-05 00:00:00
Registrar	GODADDY.COM, LLC

DNS Resolutions

Date	IP Address
2013-04-01	174.129.32.91 (ClassC)
2013-04-20	108.161.187.128 (ClassC)
2013-09-19	108.161.187.129 (ClassC)
2013-10-23	108.161.187.129 (ClassC)
2013-12-09	108.161.187.128 (ClassC)
2014-02-07	198.232.124.224 (ClassC)
2014-10-30	198.232.124.224 (ClassC)
2021-02-25	199.59.242.153 (ClassC)
2022-05-05	199.59.243.200 (ClassC)
2022-05-26	199.59.243.220 (ClassC)
2022-06-02	216.120.146.200 (ClassC)
2022-07-27	199.59.243.202 (ClassC)
2022-09-02	199.59.243.221 (ClassC)
2022-09-07	199.59.243.222 (ClassC)
2022-09-13	11.23.33.44 (ClassC)
2023-07-06	199.59.243.223 (ClassC)
2023-08-07	199.59.243.224 (ClassC)
2024-05-29	199.59.243.225 (ClassC)
2024-09-09	199.59.243.226 (ClassC)
2024-12-20	199.59.243.227 (ClassC)
2025-08-04	199.59.243.228 (ClassC)

HTTP/1.1 200 OKServer: openrestyDate: Tue, 17 Mar 2020 15:36:36 GMTContent-Type: text/html; charsetUTF-8Transfer-Encoding: chunkedConnection: keep-aliveX-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBA

!DOCTYPE html>html data-adblockkeyMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ_o1eLm4u2v/9cKBWiQOQYgB+J/S7+kNCqHEF2Kl4yDnjc4QKB4TpYa3RyExLxMjZg1C6dNfcP9QwCSmJQ0FpktA>head>meta http-equivContent-Type contenttext/html; charsetutf-8>title>/title>meta nameviewport contentwidthdevice-width, initial-scale1>meta namedescription contentSee related links to what you are looking for./>/head>!--if IE 6 >body classie6>!endif-->!--if IE 7 >body classie7>!endif-->!--if IE 8 >body classie8>!endif-->!--if IE 9 >body classie9>!endif-->!--if (gt IE 9)|!(IE)> -->body>!--!endif-->script typetext/javascript>g_pb(function(){varDTdocument,azxlocation,DDDT.createElement(script),aACfalse,LU;DD.defertrue;DD.asynctrue;DD.src//www.google.com/adsense/domains/caf.js;DD.onerrorfunction(){if(azx.search!?z){azx.href/?z;}};DD.onloadDD.onreadystatechangefunction(){if(!aAC&&LU){if(!windowgoogleNDT_){}LU(google.ads.domains.Caf);}aACtrue;};DT.body.appendChild(DD);return{azm:function(n$){if(aAC)n$(google.ads.domains.Caf);elseLUn$;},bq:function(){if(!aAC){DT.body.removeChild(DD);}}};})();g_pd(function(){varazxwindow.location,nw{},bH,azwazx.search.substring(1),aAv,aAw;if(!azw)return nw;aAvazw.split(&);for(bH0;bHaAv.length;bH++){aAwaAvbH.split();nwaAw0aAw1?aAw1:;}return nw;})();g_pc(function(){var $is_ABP_whitelistednull;var $Image1new Image;var $Image2new Image;var $error1false;var $error2false;var $remaining2;var $randomMath.random()*11;function $imageLoaded(){$remaining--;if($remaining0)$is_ABP_whitelisted!$error1&&$error2;}$Image1.onload$Image2.onload$imageLoaded;$Image1.onerrorfunction(){$error1true;$imageLoaded();};$Image2.onerrorfunction(){$error2true;$imageLoaded();};$Image1.src/px.gif?ch1&rn+$random;$Image2.src/px.gif?ch2&rn+$random;return{azo:function(){return&abp+($is_ABP_whitelisted?1:0);},$isWhitelisted:function(){return $is_ABP_whitelisted;},$onReady:function($callback){function $poll(){if($is_ABP_whitelistednull)setTimeout($poll,100);else $callback();}$poll()

Subdomains

Date	Domain	IP
static.revenyou.com	2014-10-30	198.232.124.224
dl.revenyou.com	2014-11-07	198.232.124.224

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]