Domain > ipecho.net

More information on this domain is in AlienVault OTX

Reports

https://blogs.sophos.com/2016/01/06/the-current-st...

http://pastebin.com/d4EpJQgR

Files that talk to ipecho.net

MD5	A/V
1b5e7fe5c7e30fbe079a4fd95692e9d9
4f75146eac8f1245978f115951219c01
3a50395e6d2cbb816678fb7b8ff000bf	[WS.Reputation.1] [Trojan.DownLoader14.38248] [Trojan.MSIL.Krypt.4] [Trj/Chgt.O] [Trojan.MSIL.Spy] [Luhe.MalMSIL.C] [Win32/Trojan.385]
6cc3ade06f71ce7b1cdf27398649bb2f
59c4b577bd4f90e0688a224e69d150d4
0351489fda345e65ece6e1c6e3516055
f0b2a092678139684812b829cccbe187
78cf37513b309da5d689ffa4f96cfe1d
d466634ab91a661b6a9bacfe675fe6cf
161a9156ef416d49281025e3b5209708
cacaef588c6250a43892c6cb90c4fb1d
0c4f25f85d8caffddfbbc384ebbb7a70
858dda321f69821330d02560a05e2081
20f3817beb89dfcd21941fd7aa945215
dd15e22f7ac38b27c573a16883cd127a
13cdf75ceb35cb51c0d44daf705c25d8
b2853010fa7ee2e6057d5c7e89ed4e60	[Trojan.Win32.A.Lydra.1623552[h]]
992faebdb14cbed5999f25d255952532	[BehavesLike.Dropper.fc]
0de00f550414dff2d944e55047fb9ce1
e40d02595d6adbebf8f73338c33d35a3

Whois

Property	Value
NameServer	NS46.DOMAINCONTROL.COM
Created	2009-03-01 00:00:00
Changed	2015-08-31 00:00:00
Expires	2019-03-01 00:00:00
Registrar	GODADDY.COM, LLC

DNS Resolutions

Date	IP Address
2014-04-21	188.25.73.210 (ClassC)
2014-05-26	5.12.196.11 (ClassC)
2014-06-05	188.25.36.110 (ClassC)
2014-12-12	146.255.36.1 (ClassC)
2017-02-05	5.12.8.185 (ClassC)
2017-02-10	82.76.46.246 (ClassC)
2017-02-16	82.76.159.151 (ClassC)
2017-02-20	5.12.167.98 (ClassC)
2017-02-27	5.12.46.85 (ClassC)
2017-03-06	5.12.203.129 (ClassC)
2017-03-08	84.232.223.240 (ClassC)
2017-03-09	82.76.177.134 (ClassC)
2017-03-26	188.26.15.45 (ClassC)
2017-04-07	5.12.151.12 (ClassC)
2017-04-13	5.12.205.171 (ClassC)
2017-04-14	188.27.89.172 (ClassC)
2017-04-17	5.12.152.140 (ClassC)
2017-05-01	5.12.153.81 (ClassC)
2017-05-11	188.27.90.100 (ClassC)
2017-05-12	188.25.138.202 (ClassC)
2017-06-11	5.12.184.90 (ClassC)
2018-09-06	146.255.36.1 (ClassC)
2019-11-04	216.239.34.21 (ClassC)
2020-08-09	216.239.38.21 (ClassC)
2020-10-07	216.239.36.21 (ClassC)
2020-12-26	216.239.32.21 (ClassC)
2021-03-15	34.117.59.81 (ClassC)
2024-07-14	34.117.118.44 (ClassC)
2025-08-17	34.160.111.145 (ClassC)

Port 80

HTTP/1.1 200 OKDate: Sun, 26 May 2019 02:42:55 GMTContent-Type: text/html; charsetutf-8Content-Length: 1415Vary: Accept-EncodingAccess-Control-Allow-Origin: *X-Frame-Options: DENYVia: 1.1 google

!DOCTYPE html PUBLIC -//W3C//DTD HTML 4.01//EN http://www.w3.org/TR/html4/strict.dtd>html>head>    title>IP Echo Service/title>    meta http-equivContent-Type contenttext/html; charsetutf-8>    meta namekeywords contentIP, What, IP, Address, External, What Is My IP>    link relcanonical hrefhttps://ipinfo.io/>        link hrefstyle.css relstylesheet typetext/css>    /head>body>main>div styletext-align: center; flex: 1; >    h1>Your IP is 52.40.234.105/h1>    br>    If youre looking for your local IP address, then you probably need to visit a href/localip.html>this page/a>.br>    On a href/extra>this page/a> you can find out what the server knows about you.br>    br>    Developers should click a href/developers.html>here/a>.    br>br>br>    !-- FB Button -->    div idfb-root>/div>    script>(function(d, s, id) {        var js, fjs  d.getElementsByTagName(s)0;        if (d.getElementById(id)) return;        js  d.createElement(s); js.id  id;        js.src  //connect.facebook.net/en_US/all.js#xfbml1;        fjs.parentNode.insertBefore(js, fjs);    }(document, script, facebook-jssdk));/script>    div classfb-like data-hrefhttp://ipecho.net/ data-sendtrue data-layoutbutton_count data-width150 data-show-facesfalse>/div>/div>/main>/body>/html>

Port 443

HTTP/1.1 200 OKDate: Sun, 26 May 2019 02:42:55 GMTContent-Type: text/html; charsetutf-8Content-Length: 1415Vary: Accept-EncodingAccess-Control-Allow-Origin: *X-Frame-Options: DENYVia: 1.1 google

Subdomains

Date	Domain	IP
2012.ipecho.net	2025-08-20	34.160.111.145
24.ipecho.net	2025-08-13	34.160.111.145
dns4.ipecho.net	2025-07-12	34.160.111.145
niagara.ipecho.net	2025-07-12	34.160.111.145
0ver-used.ipecho.net	2025-08-13	34.160.111.145
api.ipecho.net	2025-08-19	34.160.111.145
xml.ipecho.net	2024-07-05	34.117.118.44
dspam.ipecho.net	2024-07-06	34.117.118.44
investigacion.ipecho.net	2024-07-05	34.117.118.44
w.ipecho.net	2025-08-13	34.160.111.145
willow.ipecho.net	2025-07-17	34.160.111.145
www.ipecho.net	2024-07-14	34.117.118.44
energy.ipecho.net	2025-08-13	34.160.111.145

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]