Domain > r.254a.com

More information on this domain is in AlienVault OTX

Is this malicious?

Most users have voted this as not malicious

Files that talk to r.254a.com

MD5	A/V
3ccce94d979e925d13b16f7f1b99cbe6	[Type_VBS_Autorun] [VBS.Dunihi] [VBS_JENXCUS.NS] [VBS/Jenxcus-C] [UnclassifiedMalware] [VBS.Autoruner.161] [VBS/Clicker.nauzs] [Worm:VBS/Jenxcus.K] [Trojan.IEVC-3] [VBS/Autorun.BC.worm] [VBS/Kryptik.L]
f58fb6cfc42c049c1442d6ce54ea429d	[W32/new-malware!Maximus] [TR/Graftor.2081254] [Trojan.Packed.194] [Win32/DH{fGSBEiV+ICMsgRNcV04}] [Trojan-Ransom.Win32.Blocker] [Artemis!F58FB6CFC42C] [Trojan.Packed!N6hauVnIyeg] [WS.Reputation.1] [Trojan.Win32.Graftor.czubpq] [Heuristic.LooksLike.Win32.Suspicious.J] [Win32/Trojan.fad]
f0bc927feca28a458159a8c4c808a3a7	[W32/Sefnit.C] [Trojan.MulDrop4.11744] [W32/Sefnit.ZOEY-4762]
645d60825b362448151387d060593635	[W32.Clod9e1.Trojan.1d9a] [Trojan.Win32.DownLoader10.cqvkbc] [WS.Reputation.1] [HKTL_CLICKER] [Trojan.Win32.S.Clicker.649728] [UnclassifiedMalware] [Trojan.DownLoader10.26566] [SPR/Surfairy.A] [Trj/CI.A] [Trojan.SuspectCRC] [Malware_fam.NB] [Hacktool.Win32.RiskTool.77] [Win32/DH{DyAiJQ}]
de9d855c48d0801c2820d6b39ce3fb6a	[W32.Clod6b9.Trojan.0a6b] [Artemis!DE9D855C48D0] [Heur.Suspicious] [Trojan/Win32.Clicker] [Win32/FlowSpirit] [W32/FlowSpirit]
5989dc0d2666bb6425369bceb7f3810e	[W32/Sefnit.C] [Trojan.MulDrop4.11744] [W32/Sefnit.ZOEY-4762]
5de8c552d5aa79450f9aca23bee6c566	[Trojan.Inject.HD] [Backdoor.Prosti.L] [Artemis!5DE8C552D5AA] [W32/Themida_Packed!Eldorado] [Backdoor.Trojan] [PUA.Packed.Themida-1] [Trojan.Win32.Scar.fuqm] [Sus/ComPack-M] [UnclassifiedMalware] [Win32.HLLW.Mistri.25] [Trojan.Backdoor.Prosti!IK] [Trojan/Scar.ch] [Backdoor:Win32/Prosti.L] [Trojan/Win32.Prosti] [Trojan.Backdoor.Prosti] [W32/Prosti.NDX] [Dropper.ErPack.AI]
8f78b1665fd080ffc149f0ec7ec694cb
07a8dda271fc4d12fa2ce6f35936fec3	[Trojan.Html.Iframe.bwupbf] [TrojWare.JS.Iframe.GJ] [JS.IFrame.425] [Heuristic.LooksLike.HTML.Infected.H] [Exploit.HTML.IframeRef] [JS/Iframe.BMY!tr]
0106db8b1a382937be9d9e99155dc546	[Trojan-PSW.Win32.Tepfer!O] [Backdoor.Kelihos.F5] [Kelihos.BKDR] [Trojan.Win32.Hlux.dimrpg] [Win32.Backdoor.Hlux.Kc] [BackDoor.Slym.14056] [Backdoor:Win32/Kelihos.F] [Backdoor/Win32.Kelihos] [SScope.Malware-Cryptor.Hlux] [Backdoor.Win32.Hlux.AHwG] [Backdoor.Win32.Kelihos] [W32/Kryptik.BJWM!tr]
24b24d3c5dd8aa087b7fd507fc8afa20	[Worm.Win32.Fujack!O] [W32/Fujacks.ah] [Worm.AutoRun] [Trojan-Downloader.Win32.Small] [Worm.Fujack!T8l/EwDWgE4] [W32/SelfStarterInternetTrojan!M] [W32.Fubalca] [Smalltroj.BFXG] [Trojan.Small-1570] [Worm.Win32.Fujack.av] [Trojan.Win32.Fujack.lwgy] [Trojan.DownLoader.20808] [Mal/Dropper-AB] [Worm.MyInfect.az.106496] [Win-Trojan/Xema.variant] [Virus.Win32.Heur.l] [Worm.Fujack] [Trj/CI.A] [PE:Worm.Win32.Autorun.fng!1075221508] [Trojan-PWS.Win32.OnLineGames] [W32/Fujack.AV] [Worm/Butileg.M] [Worm.Win32.Fujack.aq] [Virus.Win32.Viking.LF]
6b18a5c085c9beb8f262e09aae094060	[Worm.Win32.Fujack!O] [W32/Fujacks.ah] [Worm.AutoRun] [Trojan-Downloader.Win32.Small] [Worm.Fujack!T8l/EwDWgE4] [W32/SelfStarterInternetTrojan!M] [W32.Fubalca] [Smalltroj.BFXG] [Worm.Win32.Fujack.av] [Trojan.Win32.Fujack.lwgy] [Trojan.DownLoader.20808] [Mal/Dropper-AB] [Worm.MyInfect.az.106496] [Win-Trojan/Xema.variant] [Virus.Win32.Heur.l] [Worm.Fujack] [Trj/CI.A] [PE:Worm.Win32.Autorun.fng!1075221508] [Trojan-PWS.Win32.OnLineGames] [W32/Fujack.AV] [Worm/Butileg.M] [Worm.Win32.Fujack.AiNA] [Virus.Win32.Viking.LF]

Whois

Property	Value
Name	PERFECT PRIVACY, LLC
Email	[email protected]
Address	12808 Gran Bay Parkway West
Zip Code	32258
City	Jacksonville
State	FL
Country	US
Phone	+1.5707088780
NameServer	NS6.IPONWEB.NET
Created	2010-03-10 13:27:30
Changed	2015-01-29 00:56:13
Expires	2019-03-10 00:00:00
Registrar	NETWORK SOLUTIONS, L

DNS Resolutions

Date	IP Address
2013-07-26	54.247.185.20 (ClassC)
2013-08-27	176.34.225.212 (ClassC)
2013-09-14	54.228.215.109 (ClassC)
2013-10-08	176.34.126.239 (ClassC)
2013-10-10	79.125.21.9 (ClassC)
2013-10-12	54.247.162.187 (ClassC)
2013-10-15	54.228.206.243 (ClassC)
2013-10-17	54.228.215.109 (ClassC)
2013-10-19	54.247.77.194 (ClassC)
2013-10-23	54.228.180.236 (ClassC)
2013-10-29	54.247.162.180 (ClassC)
2013-10-31	54.247.79.165 (ClassC)
2013-10-31	54.247.90.142 (ClassC)
2013-11-04	54.246.85.177 (ClassC)
2013-11-18	54.247.92.140 (ClassC)
2013-11-20	54.247.99.203 (ClassC)
2013-11-28	54.247.162.180 (ClassC)
2013-11-28	54.247.99.203 (ClassC)
2013-12-02	54.247.99.216 (ClassC)
2013-12-06	54.217.225.213 (ClassC)
2013-12-19	54.217.225.105 (ClassC)
2013-12-25	54.217.225.59 (ClassC)
2014-01-04	54.217.225.14 (ClassC)
2014-01-04	54.247.99.216 (ClassC)
2014-01-12	54.195.241.217 (ClassC)
2014-01-17	54.246.85.177 (ClassC)
2014-01-19	54.195.244.36 (ClassC)
2014-01-25	54.195.244.2 (ClassC)
2014-03-14	54.72.93.99 (ClassC)
2014-03-16	54.72.33.180 (ClassC)
2014-03-18	54.72.16.243 (ClassC)
2014-03-20	54.72.92.202 (ClassC)
2014-03-21	54.72.52.144 (ClassC)
2014-03-21	54.72.91.193 (ClassC)
2014-03-24	54.72.93.112 (ClassC)
2014-03-26	54.72.93.11 (ClassC)
2014-03-30	54.72.15.54 (ClassC)
2014-04-03	54.194.98.41 (ClassC)
2014-04-06	54.72.112.48 (ClassC)
2014-04-08	54.72.16.41 (ClassC)
2014-04-08	54.72.124.2 (ClassC)
2014-04-10	54.72.65.136 (ClassC)
2014-04-12	54.72.147.160 (ClassC)
2014-04-12	54.72.150.229 (ClassC)
2014-04-24	54.72.43.174 (ClassC)
2014-04-26	54.72.93.115 (ClassC)
2014-04-29	54.72.30.134 (ClassC)
2014-05-05	54.72.47.90 (ClassC)
2014-05-09	54.72.179.4 (ClassC)
2014-05-15	54.72.93.132 (ClassC)
2014-05-17	54.72.90.177 (ClassC)
2014-05-19	54.72.91.105 (ClassC)
2014-05-23	54.76.88.171 (ClassC)
2014-05-27	54.76.87.185 (ClassC)
2014-05-29	54.72.52.144 (ClassC)
2014-05-30	54.72.93.121 (ClassC)
2014-06-03	54.72.93.129 (ClassC)
2014-06-04	54.76.88.128 (ClassC)
2014-06-06	54.72.180.68 (ClassC)
2014-06-10	54.72.92.162 (ClassC)
2014-06-10	54.72.93.121 (ClassC)
2014-06-10	54.72.58.85 (ClassC)
2014-06-16	54.72.99.196 (ClassC)
2014-06-22	54.72.228.64 (ClassC)
2014-06-26	54.76.84.196 (ClassC)
2014-06-26	54.72.93.99 (ClassC)
2014-07-01	54.72.55.177 (ClassC)
2014-07-01	54.76.84.196 (ClassC)
2014-07-02	54.76.253.99 (ClassC)
2014-07-05	54.72.86.80 (ClassC)
2014-07-07	54.84.219.229 (ClassC)
2014-07-08	54.72.55.177 (ClassC)
2014-07-09	54.86.103.76 (ClassC)
2014-07-09	54.86.46.209 (ClassC)
2014-07-14	54.72.91.105 (ClassC)
2014-09-16	54.76.158.92 (ClassC)
2014-09-16	54.76.104.189 (ClassC)
2014-09-16	54.72.144.177 (ClassC)
2014-09-16	54.77.0.33 (ClassC)
2014-09-16	54.72.40.159 (ClassC)
2014-09-16	54.76.187.199 (ClassC)
2014-09-16	54.72.230.26 (ClassC)
2014-09-16	54.76.111.147 (ClassC)
2014-09-16	54.72.245.130 (ClassC)
2014-09-16	54.76.121.132 (ClassC)
2014-09-16	54.76.80.229 (ClassC)
2014-09-16	54.72.56.164 (ClassC)
2014-09-16	54.76.138.124 (ClassC)
2014-10-22	54.183.204.92 (ClassC)
2014-11-06	54.86.165.245 (ClassC)
2014-11-13	54.183.204.92 (ClassC)
2014-11-17	54.88.227.64 (ClassC)
2014-11-19	54.85.117.207 (ClassC)
2014-12-12	54.154.81.233 (ClassC)
2014-12-12	54.77.87.57 (ClassC)
2014-12-12	54.154.15.185 (ClassC)
2014-12-12	54.72.202.71 (ClassC)
2014-12-12	54.76.94.233 (ClassC)
2015-01-13	54.172.96.198 (ClassC)
2015-01-14	54.175.33.252 (ClassC)
2015-01-17	54.174.153.23 (ClassC)
2015-02-20	52.0.137.29 (ClassC)
2015-02-24	52.16.68.80 (ClassC)
2015-02-24	52.16.74.184 (ClassC)
2015-02-24	52.16.70.124 (ClassC)
2015-02-24	52.1.40.230 (ClassC)
2015-02-24	52.16.72.33 (ClassC)
2015-02-24	52.16.52.114 (ClassC)
2015-02-24	52.16.74.132 (ClassC)
2015-02-24	52.16.67.46 (ClassC)
2015-02-24	52.16.74.155 (ClassC)
2015-03-26	54.164.248.126 (ClassC)
2015-03-26	54.172.190.215 (ClassC)
2015-03-31	54.174.41.43 (ClassC)
2015-04-16	54.152.51.246 (ClassC)
2015-05-27	54.86.0.83 (ClassC)
2015-06-03	54.152.110.137 (ClassC)
2025-04-15	205.178.189.129 (ClassC)
2025-08-06	208.91.197.132 (ClassC)

HTTP/1.1 200 OKDate: Sun, 17 Mar 2024 14:48:07 GMTServer: ApacheSet-Cookie: vsid932vr458232488401180974; expiresFri, 16-Mar-2029 14:48:08 GMT; Max-Age157680000; path/; domainr.254a.com; HttpOnlyX-Adbl

!DOCTYPE html PUBLIC -//W3C//DTD HTML 4.01//EN http://www.w3.org/TR/html4/strict.dtd>html>head>link relpreconnect hrefhttps://delivery.consentmanager.net> link relpreconnect hrefhttps://cdn.consentmanager.net>                    script>window.cmp_stayiniframe  1; window.cmp_dontloadiniframe  true; if(!gdprAppliesGlobally in window){window.gdprAppliesGloballytrue}if(!(cmp_id in window)||window.cmp_id1){window.cmp_id0}if(!(cmp_cdid in window)){window.cmp_cdid21fdca2281833}if(!(cmp_params in window)){window.cmp_params}if(!(cmp_host in window)){window.cmp_hosta.delivery.consentmanager.net}if(!(cmp_cdn in window)){window.cmp_cdncdn.consentmanager.net}if(!(cmp_proto in window)){window.cmp_protohttps:}if(!(cmp_codesrc in window)){window.cmp_codesrc1}window.cmp_getsupportedLangsfunction(){var bDE,EN,FR,IT,NO,DA,FI,ES,PT,RO,BG,ET,EL,GA,HR,LV,LT,MT,NL,PL,SV,SK,SL,CS,HU,RU,SR,ZH,TR,UK,AR,BS;if(cmp_customlanguages in window){for(var a0;awindow.cmp_customlanguages.length;a++){b.push(window.cmp_customlanguagesa.l.toUpperCase())}}return b};window.cmp_getRTLLangsfunction(){var aAR;if(cmp_customlanguages in window){for(var b0;bwindow.cmp_customlanguages.length;b++){if(r in window.cmp_customlanguagesb&&window.cmp_customlanguagesb.r){a.push(window.cmp_customlanguagesb.l)}}}return a};window.cmp_getlangfunction(j){if(typeof(j)!boolean){jtrue}if(j&&typeof(cmp_getlang.usedlang)string&&cmp_getlang.usedlang!){return cmp_getlang.usedlang}var gwindow.cmp_getsupportedLangs();var c;var flocation.hash;var elocation.search;var alanguages in navigator?navigator.languages:;if(f.indexOf(cmplang)!-1){c.push(f.substr(f.indexOf(cmplang)+8,2).toUpperCase())}else{if(e.indexOf(cmplang)!-1){c.push(e.substr(e.indexOf(cmplang)+8,2).toUpperCase())}else{if(cmp_setlang in window&&window.cmp_setlang!){c.push(window.cmp_setlang.toUpperCase())}else{if(a.length>0){for(var d0;da.length;d++){c.push(ad)}}}}}if(language in navigator){c.push(navigator.language)}if(userLanguage in navigator){c.push(navigator.userLanguage)}var h;for(var d0;dc.length;d++){var bcd.toUppe

Subdomains

Date	Domain	IP
cdn.254a.com	2013-10-23	205.251.253.178
r.254a.com	2014-01-17	54.246.85.177
s.254a.com	2023-10-13	104.254.148.252
www.254a.com	2025-07-08	208.91.197.132

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]