Domain > 0v3rfl0w.com

More information on this domain is in AlienVault OTX

Files that talk to 0v3rfl0w.com

MD5	A/V
d616d91732aa6f96bbef090bcb6c3ae5	[W32.HfsAtITSTIL.B700] [Suspicious.Cloud.9] [Trojan-Dropper.Win32.Dapato.ofbu] [Trojan.Win32.Steam.ebeepm] [Trojan.PWS.Steam.11261] [Trojan.AutoIt.Win32.5] [BehavesLike.Win32.Backdoor.rc] [TR/Spy.Autoit.5241856] [TrojanSpy:Win32/Skeeyah.A!rfn] [Artemis!D616D91732AA] [Autoit.Trojan.Spy.Woze] [PUA.MSIL.NetSeal] [W32/Dapato.OFBU!tr] [Trj/CI.A]
1a439f7736c1e3191727ad175288dfaa	[Trojan.Razy.D75B9] [SAPE.Heur.81EC0] [Msil.Trojan.Dropper.Dygp] [BehavesLike.Win32.Backdoor.bc] [Mal/RarMal-K] [MSIL/Injector.OBY!tr]
f551d8c7b26d34aaea0a83094d412f4e	[W32.HfsAtITSTIL.A08D] [Troj.W32.Cossta.mfzE]
ca2f589a64a3f2a186662c0e0c8a547e
9ce17557f926f5f2e65ab0a47107acef	[W32.HfsAtITSTIL.D9D2] [Win32.Trojan-Spy.Autoit.b] [Mal_Utoti4] [Mal_Utoti4]
be2b6634c941bb8966ac622f37021ae3
ddab821da50cc37e98027945ff1eb945	[W32.HfsAtITSTIL.84B6] [BehavesLike.Win32.Backdoor.gc] [Troj.W32.Badur.m2TY]
ecdcdbd23df36ede6f37458396d2e4a5	[W32.HfsAtITSTIL.AE6B] [Troj.W32.Badur.m2TY] [BehavesLike.Win32.Gupboot.gc] [Artemis!ECDCDBD23DF3] [Trojan.DL.Win32.Banloaden.hr] [Win32/Trojan.97a]
51cfa34a2ac08803a4ec662fa21508b0
ababaf4c93b9919154c54b2e009c611b
804492ce2475609ebf0b98678b79c940
c707bbdba9e9480cad5f58dd2d5ce832
b10bb75ddd529d06034ae10537f67f1b
a2250435e56d2c1f28ebbb803f14979f
ad779c65953db2b88dae079b3424eb3d
6225f8c1445a771df8abebf764cbdd01
4c9a2a92e9b0eb9011c68c32ef434241
a22200154c52b3aaed09bdd9cb02db02
7eeea392c9e87d40247c28dbc25de9f5
62ef061660ddf1ebf5136e5284be8bce

Whois

Property	Value
NameServer	TIM.NS.CLOUDFLARE.COM
Created	2016-01-19 00:00:00
Changed	2016-02-26 00:00:00
Expires	2017-01-19 00:00:00
Registrar	WILD WEST DOMAINS, L

DNS Resolutions

Date	IP Address
2016-01-23	104.24.122.194 (ClassC)
2016-01-23	104.24.123.194 (ClassC)
2016-04-03	51.255.205.151 (ClassC)
2017-01-25	50.63.202.83 (ClassC)
2019-09-11	160.153.90.134 (ClassC)
2026-02-15	155.133.142.13 (ClassC)

HTTP/1.1 200 OKDate: Wed, 11 Sep 2019 10:29:06 GMTServer: ApacheStrict-Transport-Security: max-age31536000; includeSubDomainsX-Xss-Protection: 1; modeblockX-Content-Type-Options: nosniffX-Frame-Option

!DOCTYPE html>html classfull-height langen>head>	meta charsetutf-8>	meta contentIEedge http-equivX-UA-Compatible>	meta contentwidthdevice-width, initial-scale1 nameviewport>	title>/title>	link hreffavicon.ico relicon>	link hrefassets/a.css relstylesheet>/head>body classfull-height vignette data-bgassets/images/bg0.jpg>	div classfull-height idapp>		div classd-flex align-items-center full-height>			div classmx-auto>				div classtext-center>					span classtyped data-text0v3rfl0w.c0m>/span>				/div>			/div>		/div>audio autoplay loop>source srcassets/0.mp3 typeaudio/mp3>		script>        var audio  document.currentScript.parentElement;        audio.volume  0.3;        /script>/audio>		footer>			a href#>0v3rfl0w th3 pl4n3t/a>		/footer>	/div>	canvas idbgcanvas>/canvas>	script>	window.Laravel  { baseURL: ‘#’ };	/script>	script srcassets/a.js>	/script>	script srcassets/h.js>	/script>/body>/html>

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

Domain > 0v3rfl0w.com

Is this malicious?

Files that talk to 0v3rfl0w.com

Whois

DNS Resolutions

Port 80

Port 443