Domain > oh28ya.com

More information on this domain is in AlienVault OTX

Files that talk to oh28ya.com

MD5 | A/V
29bc940ee9a3eac0149ed07dd5753710 | [W32.AndromPlwbahC.Trojan] [TrojanDownloader.Cutwail.r3] [Trojan.Injector!WWqNbSPGUtU] [Backdoor.Trojan] [Cutwail.DCN] [TROJ_SPNV.01KP14] [Trojan.Win32.Cutwail.fal] [Win32.Trojan.Cutwail.Htmq] [UnclassifiedMalware] [BackDoor.Andromeda.559] [BehavesLike.Win32.Dropper.nh] [Troj/MSIL-AZF] [W32/Backdoor.DYFX-3160] [Trojan/Win32.Cutwail] [TrojanDownloader:Win32/Cutwail] [RDN/Spybot.bfr!o] [TScope.Trojan.MSIL] [Trj/Chgt.N] [Trojan.Win32.Cutwail] [MSIL/GLQ!tr] [MSIL5.BVOW] [Trojan.Win32.Cutwail.ATJx]
9ab0a68d8ad9e102ccd7fd0a067ecd9d | [W32.HfsAutoA.BDEF] [Trojan.Crypt.NKN] [W32/Trojan3.MQR] [Backdoor.Win32.Androm.fptk] [Trojan.Win32.Andromeda.djycfa] [Virus.Win32.Heur.c] [PE:Malware.XPACK-HIE/Heur!1.9C48] [BackDoor.Andromeda.404] [BehavesLike.Win32.PWSZbot.cc] [Mal/VB-AOE] [W32/Trojan.MZKU-6435] [Trojan/Win32.Androm] [Trojan.Win32.Injector.bBQXM] [Backdoor.Win32.Androm] [VBCrypt.IOJ]
90ba8b4cd89a5fd23bb0c3f17a759ba5 | [Trojan.Inject.r3] [Trojan.Injector!xSxmY/oTY4I] [Trojan.Win32.Inject.tfmg] [Trojan.Win32.Inject.dhtgak] [Win32.Trojan.Inject.Hssg] [UnclassifiedMalware] [Trojan.DownLoad.64914] [Trojan.Inject.Win32.108354] [BehavesLike.Win32.Dropper.nh] [Troj/Msil-ANY] [W32/Trojan.GRSK-5893] [Trojan/Win32.Inject] [TrojanDownloader:Win32/Cutwail] [Win-Trojan/MDA.630F094C] [RDN/Spybot.bfr!o] [Trojan.Inject] [Trj/Chgt.J] [Evilware.Outbreak] [W32/Inject.TFMG!tr] [MSIL5.APAS] [Trojan.Win32.Inject.aJp] [Win32/Trojan.9d7]
54c65013e0c6395f49c1bee35327f8fe | [Trojan.Inject.IA] [Trojan.Inject.IA] [Trojan.Inject.IA] [Trojan/Wigon.pi] [Trojan.Inject.IA] [Trojan.Win32.DownLoad.dnpdpk] [New] [Suspicious.Cloud.5] [Trojan.Win32.Cutwail.dpv] [Trojan.Wigon!ntSxypTAolk] [Trojan.Inject.IA] [Trojan.Inject.IA] [Trojan.DownLoad.64914] [Patched] [Trojan/Cutwail.if] [W32/Cutwail.NLQ!tr] [Win32.Troj.Cutwail.d.(kcloud)] [Trojan.Inject.IA] [Backdoor/Win32.Pushdo] [Trojan.Cutwail] [Trojan.Inject.IA]
87209bcb0e0f2f07ebb713c73591a293 | [Trojan.Inject.IA] [Trojan.Inject.IA] [Trojan/Wigon.pi] [Trojan.Inject.IA] [Trojan.Win32.DownLoad.dnpdpk] [New] [Suspicious.Cloud.5] [Trojan.Win32.Cutwail.dpv] [Trojan.Wigon!ntSxypTAolk] [Trojan.Inject.IA] [Trojan.Inject.IA] [Trojan.DownLoad.64914] [Trojan.PornDialer.Win32.2002] [Patched] [Trojan/Cutwail.if] [W32/Cutwail.NLQ!tr] [Win32.Troj.Cutwail.d.(kcloud)] [Trojan.Inject.IA] [Backdoor/Win32.Pushdo] [Trojan.Inject.IA] [Trojan.Cutwail] [Trojan.Inject.IA]

Whois

Property Value
Name oh28ya
Organization oh28ya
Email [email protected]
Address 1-205 Motogo
Zip Code 463-0025
City Moriyama-ku Nagoya-s
State Aichi
Country JP
Phone +81.527990707
Fax +81.527990755
NameServer ns-1512.awsdns-61.org
Created 2004-11-17 04:38:31
Changed 2015-03-30 06:40:35
Expires 2015-11-17 00:00:00
Registrar GMO INTERNET, INC. D

DNS Resolutions


Port 80

Port 443

Subdomains

Date Domain IP
2024-05-12 www.oh28ya.com 52.195.124.29

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others.

© Copyright 2019 AlienVault, Inc.