Domain > benefitanswers.co.uk

More information on this domain is in AlienVault OTX

Files that talk to benefitanswers.co.uk

MD5	A/V
cccd464a25f3645acfe67703d4af8821	[Trojan.Downloader.Upatre] [W32/Trojan3.IES] [Trojan.Zbot] [TROJ_UPATRE.YYKZ] [Trojan-Dropper.Win32.Injector.kcuo] [Mal/Zbot-PY] [W32/Trojan.ZEYE-0941] [Win32/TrojanDownloader.Waski.A] [Trojan-Spy.Zbot] [Zbot.HXD]
5d5cf4c699e409df97182adf6ee44f5c	[Trojan.Email.FakeDoc] [PE:Malware.FakePDF@CV!1.9C3A] [TROJ_UPATRE.SMZ1] [Trojan/Win32.Zbot]
efe6f63c6b222b178500a74526b0aad6	[HW32.Pedka.keeu] [PE:Trojan.FakePDF@CV!1.9EEF]
1f6deb76888dc4d360ad428b97be7742	[HW32.Pedka.keeu] [PE:Trojan.FakePDF@CV!1.9EEF] [Trojan.Email.FakeDoc] [W32/Trojan3.HZU] [Downloader] [Upatre.AX] [TROJ_UPATRE.YYKJ] [Trojan-Dropper.Win32.Injector.kbqx] [Trojan.DownLoader9.54813] [TR/Crypt.Xpack.37107] [TrojanDownloader:Win32/Upatre.A] [Trojan/Win32.Zbot] [W32/Trojan.QSGY-3353] [Trojan.Win32.Waski.A] [Win32/TrojanDownloader.Waski.A] [Trojan-Spy.Zbot] [W32/Injector.KBQX!tr] [Zbot.GYJ] [Trj/Downloader.WKY] [Win32/Trojan.160]
6e3ddeecbc26ba16602d4e748bcb5ccc	[HW32.Pedka.keeu] [Trojan.Email.FakeDoc] [W32/Trojan3.HZU] [Downloader] [Upatre.AX] [Trojan-Dropper.Win32.Injector.kbqx] [Trojan.DownLoader9.54813] [TR/Crypt.Xpack.37107] [TROJ_UPATRE.YYKJ] [TrojanDownloader:Win32/Upatre.A] [W32/Trojan.QSGY-3353] [Trj/Downloader.WKY] [Win32/TrojanDownloader.Waski.A] [PE:Trojan.FakePDF@CV!1.9EEF] [Trojan-Spy.Zbot] [W32/Injector.KBQX!tr] [Zbot.GYJ] [Trojan.Win32.Waski.A] [Win32/Trojan.160]
8ae8ef4b6ed5f1e884652725c8ef2b80
7b53a1fb7336e838995ac9c03a113d9a
99a0d1ae61ef7a71f7977ce29ccfc1d5
dfec067b728f68fd296fcc230bb9795b
cd44f1d085941731e330fa2bd02ec6da
677b99961f7672983957b32cf7a924e0
a71512aa0d796289e44e279193507e04
a34d44ca39a63d76cb72e2a5d8ef9c7c
1a96f935f79b70486a00e25005ff8e23
a19ad4aec15d5262e6e01468147fe6b8
954dad8578d2633ed82aab0699af7799
c004a28ce7a382eaba8faa45f85c8056	[W32/Trojan.CQMQ-4692] [TR/Crypt.Xpack.37107] [Win32/Upatre.IBEEEV] [TrojanDwnldr.Upatre.MUE.A4] [Trojan.DownLoader11.34259] [Win32/TrojanDownloader.Waski.A] [W32/Waski.A!tr.dldr] [W32/Trojan3.HZU] [Zbot.GYJ] [Trojan-Spy.Zbot] [Trojan-Spy.Win32.Zbot.sdna] [Trojan.Email.FakeDoc] [Downloader-FSH!C004A28CE7A3] [TrojanDownloader*Win32/Upatre.A] [Mal/Zbot-PY] [Downloader] [TROJ_UPATRE.YYKJ] [TrojanDldr.Waski.A.mjdq] [TrojanDropper.Injector]
1d582d706a57840acad51bef1934ef51	[W32/Trojan.CQMQ-4692] [TR/Crypt.Xpack.37107] [Win32/Upatre.IBEEEV] [TrojanDwnldr.Upatre.MUE.A4] [Trojan.DownLoader11.34259] [Win32/TrojanDownloader.Waski.A] [W32/Waski.A!tr.dldr] [W32/Trojan3.HZU] [Zbot.GYJ] [Trojan-Spy.Zbot] [Trojan-Spy.Win32.Zbot.sdna] [Trojan.Email.FakeDoc] [Downloader-FSH!1D582D706A57] [TrojanDownloader*Win32/Upatre.A] [Mal/Zbot-PY] [Downloader] [TROJ_UPATRE.YYKJ] [TrojanDldr.Waski.A.mjdq] [TrojanDropper.Injector]
bc3c458384b927b37098fb74a33808ce	[Trojan.Email.FakeDoc] [Trojan-Spy.Zbot] [Trojan.Email.FakeDoc] [TrojanDownloaderWin32/Upatre.A] [W32/Waski.A!tr.dldr] [Zbot.GYJ] [Trojan-Spy.Win32.Zbot.sdna] [Downloader-FSH!BC3C458384B9] [TrojanDownloaderWin32/Upatre.A] [Win32/TrojanDownloader.Waski.A] [Win32/TrojanDownloader.Waski.A] [W32/Trojan3.HZU] [Zbot.GYJ] [W32/Waski.A!tr.dldr] [Trojan-Spy.Zbot] [Trojan-Spy.Win32.Zbot.sdna] [Downloader-FSH!BC3C458384B9] [W32/Trojan.CQMQ-4692] [Win32/Upatre.IBEEEV] [Win32/Upatre.IBEEEV] [W32/Trojan.CQMQ-4692] [TrojanDwnldr.Upatre.MUE.A4] [TrojanDwnldr.Upatre.MUE.A4] [TR/Crypt.Xpack.37107] [TR/Crypt.Xpack.37107] [W32/Trojan3.HZU] [Trojan.DownLoader11.34259] [Trojan.DownLoader11.34259]
ac53501f286fea7c06c55bebe4efe03f	[Win32/Upatre.IBEEEV] [Downloader-FSH!AC53501F286F] [TR/Crypt.Xpack.37107] [TrojanDldr.Waski.A.mjdq] [Win32/TrojanDownloader.Waski.A] [Zbot.GYJ] [Downloader] [W32/ZBOT.PY!tr] [TrojanDownloader*Win32/Upatre.A] [Trojan.Email.FakeDoc] [W32/Trojan.CQMQ-4692] [W32/Trojan3.HZU] [Trojan-Spy.Zbot] [Trojan.Zbot.Win32.153133] [Trojan-Spy.Win32.Zbot.sdna] [TROJ_UPATRE.SMN3] [Mal/Zbot-PY] [TrojanDwnldr.Upatre.MUE.A4] [TrojanDropper.Injector] [Trojan.DownLoader11.34259]

Whois

Property	Value
Name	Benefit Information Servicea
Address	176 Daisy Meadow
Zip Code	PR58DR
City	Bamber Bridge
State	Lancashire
Country	United Kingdom
NameServer	ns-uk.1and1-dns.co.uk
Created	2008-05-05 00:00:00
Changed	2015-04-10 00:00:00
Expires	2015-05-05 00:00:00
Registrar	1 & 1 Internet AG

DNS Resolutions

Date	IP Address
2014-04-07	23.254.138.209 (ClassC)
2014-04-29	199.59.63.130 (ClassC)
2014-05-02	199.59.63.130 (ClassC)
2014-05-31	79.170.40.160 (ClassC)
2015-03-18	217.160.47.10 (ClassC)
2018-04-10	217.160.0.136 (ClassC)
2025-11-02	77.68.74.189 (ClassC)

HTTP/1.1 200 OKServer: nginxDate: Thu, 23 May 2019 05:20:35 GMTContent-Type: text/html; charsetUTF-8Transfer-Encoding: chunkedConnection: keep-aliveExpires: Thu, 19 Nov 1981 08:52:00 GMTCache-Control:

!DOCTYPE html> html langen> head> title>Home | Benefit Answers/title> meta charsetutf-8> meta namerobots contentindex, follow> meta nameviewport contentwidthdevice-width, initial-scale1.0> meta namekeywords content> meta namedescription content> !--script src/assets/css/js/vendor/jquery.js>/script> script src/assets/css/js/vendor/foundation.min.js>/script>--> style> @charset UTF-8;@media print,screen and (min-width:40em){.reveal,.reveal.large,.reveal.small,.reveal.tiny{right:auto;left:auto;margin:0 auto}}/*! normalize-scss | MIT/GPLv2 License | bit.ly/normalize-scss */html{font-family:sans-serif;line-height:1.15;-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}body{margin:0}article,aside,footer,header,nav,section{display:block}h1{font-size:2em;margin:.67em 0}figcaption,figure{display:block}figure{margin:1em 40px}hr{box-sizing:content-box;height:0;overflow:visible}main{display:block}pre{font-family:monospace,monospace;font-size:1em}a{background-color:transparent;-webkit-text-decoration-skip:objects}a:active,a:hover{outline-width:0}abbrtitle{border-bottom:none;text-decoration:underline;text-decoration:underline dotted}b,strong{font-weight:inherit}b,strong{font-weight:bolder}code,kbd,samp{font-family:monospace,monospace;font-size:1em}dfn{font-style:italic}mark{background-color:#ff0;color:#000}small{font-size:80%}sub,sup{font-size:75%;line-height:0;position:relative;vertical-align:baseline}sub{bottom:-.25em}sup{top:-.5em}audio,video{display:inline-block}audio:not(controls){display:none;height:0}img{border-style:none}svg:not(:root){overflow:hidden}button,input,optgroup,select,textarea{font-family:sans-serif;font-size:100%;line-height:1.15;margin:0}button{overflow:visible}button,select{text-transform:none}typereset,typesubmit,button,html typebutton{-webkit-appearance:button}typebutton::-moz-focus-inner,typereset::-moz-focus-inner,typesubmit::-moz-focus-inner,button::-moz-focus-inner{border-style:none;padding:0}typebutton:-moz-focusring,typereset:-moz-focusring,typesubmit:-moz-focusring,button:-moz-focusring{outl

Subdomains

Date	Domain	IP
forms.benefitanswers.co.uk	2025-10-12	77.68.74.189
www.benefitanswers.co.uk	2025-10-11	77.68.74.189

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

Domain > benefitanswers.co.uk

Is this malicious?

Files that talk to benefitanswers.co.uk

Whois

DNS Resolutions

Port 80

Port 443

Subdomains