Help RSS API Feed Maltego Contact                        

Domain > dhs.gov

More information on this domain is in AlienVault OTX

Is this malicious?

Files that talk to dhs.gov
MD5A/V
1929530a1f2d6d48a87aac928220e460[HW32.CDB.4199] [Backdoor.Hlux.r3] [Trojan.Win32.Hlux.cwwgjj] [Kryptik.CCFN] [Backdoor.Win32.Hlux.crc] [Backdoor.Hlux!GJ0f5FTmyog] [UnclassifiedMalware] [BackDoor.Slym.14056] [Heuristic.LooksLike.Win32.Suspicious.E] [Mal/Kelihos-A] [Trojan[Backdoor]/Win32.Hlux] [Trojan:Win32/Sisron] [Trojan/Win32.Tepfer] [Heur.Trojan.Hlux] [Win32.SuspectCrc] [W32/Hlux.BWUN!tr.bdr] [Crypt_s.GJB] [Trojan.Win32.Kryptik.BZWV] [Win32/Trojan.e55]
2cea2302f3f5c4280a6990e4e1965a60[Backdoor.Hlux.r3] [Trojan.Win32.Hlux.cxceyl] [Kryptik.CCFN] [TROJ_SPNR.36DM14] [Backdoor.Win32.Hlux.djbj] [Backdoor.Hlux!4usFCOdA3iI] [Trojan.Win32.S.PSW-Tepfer.835600.DB] [Mal/Kelihos-A] [TrojWare.Win32.Kryptik.BLUU] [Trojan.PWS.Stealer.12891] [TR/Kryptik.oeons] [Trojan[Backdoor]/Win32.Hlux] [Backdoor:Win32/Kelihos.F] [Trojan/Win32.Tepfer] [Heur.Trojan.Hlux] [Trojan.Win32.Kryptik.BZDO] [Trojan.Crypt_s] [W32/Hlux.BZDO!tr.bdr] [Crypt_s.GGV] [Win32/Trojan.fec]
4b93f892d9249b70508ee222e37ee1c6[HW32.CDB.E823] [TrojanPSW.Tepfer.r3] [Trojan.Win32.Kryptik.cxbvtz] [WS.Reputation.1] [Kryptik.CCFN] [Trojan-PSW.Win32.Tepfer.txbj] [Trojan.PWS.Tepfer!TcJrQOwJyhs] [Mal/FakeAV-UF] [BackDoor.Slym.13348] [Heuristic.LooksLike.Win32.Suspicious.E] [Trojan[PSW]/Win32.Tepfer] [Backdoor:Win32/Kelihos.F] [Trojan/Win32.Tepfer] [Heur.Trojan.Hlux] [Trojan.Win32.Kryptik.CAUP] [Trojan.Crypt_s] [W32/Tepfer.CAUP!tr.pws] [Crypt_s.GMK]
4a110bd7cb835d71df2345ad50c25b23[HW32.CDB.9f50] [Packed.Win32.Katusha.3!O] [WS.Reputation.1] [UnclassifiedMalware] [BackDoor.Slym.13873] [Backdoor:Win32/Kelihos.F] [Trojan/Win32.Tepfer] [Heur.Trojan.Hlux] [Trojan.Crypt_s] [Crypt_s.GNC] [Trojan.Win32.Kryptik.CBCJ] [Win32/Trojan.0de]
86122dbf79ec3a983d9ecb120470a00f[Artemis!86122DBF79EC] [Trojan.Win32.Yakes.fhyw] [TR/Changeling.A.3509] [Win32.Trojan.Yakes.Dyfy] [Trojan.Win32.Spammer] [Win32/Cryptor] [Trojan.Win32.Spammer.bAC] [Win32/Trojan.Multi.daf]
db5b440f6419090cd9567f3b33fd3ced[Malware.Packer.HGX1] [BackDoor.SlymENT.1498] [Heuristic.LooksLike.Win32.Suspicious.E] [W32/Kryptik.AXUE!tr]
5ea646ffdc1e9bc7759fdfc926de7660[PWS-FASY!5EA646FFDC1E] [Malware.Packer.EGX7] [Password-Stealer] [Trojan] [Hlux.XD] [Trojan-PSW.Win32.Tepfer.ijnk] [BackDoor.Slym.1498] [TR/Rogue.14575.23] [Heuristic.BehavesLike.Win32.Suspicious-BAY.G] [Troj/Tepfer-Q] [Backdoor:Win32/Kelihos.F] [Trojan/Win32.Foreign] [HeurEngine.MaliciousPacker] [Win32/Kelihos.F] [Trojan-PWS.Win32.Tepfer] [W32/Kryptik.X!tr] [Trj/Tepfer.B]
7DB816E0BA9895D4A2BC6F917D6022C6
57e4772bf299484f8b8652f05bee7731
fbed4b2d3b285e60d1a74fabfa477cb0
8afcc441ac982ca392cdbb0e9e0623c7

Whois
PropertyValue
Email registrar@dotgov.gov

DNS Resolutions
DateIP Address
2014-05-29173.252.133.166 (ClassC)
2014-07-14208.71.165.56 (ClassC)
2019-01-10173.252.133.166 (ClassC)
2019-01-2823.1.130.91 (ClassC)
2019-01-2923.51.195.135 (ClassC)
2019-02-0123.40.42.112 (ClassC)
2019-02-0523.204.2.227 (ClassC)
2019-02-19184.26.155.200 (ClassC)
2019-02-2823.222.114.136 (ClassC)
2019-03-2723.51.203.9 (ClassC)
2019-04-03104.113.53.250 (ClassC)
2019-04-1123.38.140.58 (ClassC)
2019-04-1723.35.27.248 (ClassC)
2019-04-2923.33.173.236 (ClassC)
2019-05-07104.66.58.165 (ClassC)
2019-05-1423.40.40.64 (ClassC)
2019-05-1523.61.58.176 (ClassC)
2019-05-2323.207.37.13 (ClassC)
2019-06-0723.52.43.168 (ClassC)
2019-06-1023.194.154.36 (ClassC)
2019-06-1323.222.113.105 (ClassC)
2019-06-1623.38.141.208 (ClassC)
2019-06-30104.114.29.166 (ClassC)
2019-08-01184.86.168.128 (ClassC)
2019-08-01104.72.48.12 (ClassC)
2019-08-01104.87.25.80 (ClassC)
2019-08-052.23.17.117 (ClassC)
2019-08-05184.26.155.105 (ClassC)
2019-08-12104.107.199.20 (ClassC)
2019-08-14104.91.201.169 (ClassC)
2019-08-2723.79.212.123 (ClassC)
2019-08-2823.201.90.67 (ClassC)
2019-08-2923.43.67.225 (ClassC)
2019-08-31104.81.131.151 (ClassC)
2019-08-31104.114.37.129 (ClassC)
2019-09-0423.206.19.155 (ClassC)
2019-09-042.19.144.209 (ClassC)
2019-09-08104.126.182.182 (ClassC)
2019-09-1023.34.78.63 (ClassC)
2019-09-1123.63.194.103 (ClassC)
2019-09-13104.108.18.9 (ClassC)
2019-09-1523.51.204.213 (ClassC)
2019-09-19104.114.27.221 (ClassC)
2019-09-22104.112.197.154 (ClassC)
2019-09-2323.61.187.169 (ClassC)
2020-09-0823.7.106.222 (ClassC)
2020-12-15104.112.199.159 (ClassC)
2023-07-1623.193.149.73 (ClassC)
2023-08-2623.196.119.128 (ClassC)
2023-11-0223.60.53.251 (ClassC)
2024-02-2123.196.195.112 (ClassC)
2024-03-05184.86.207.159 (ClassC)
2024-03-2623.7.100.225 (ClassC)
2024-04-0423.205.198.91 (ClassC)
2024-08-0123.218.10.57 (ClassC)
2024-11-1323.214.101.169 (ClassC)
2024-12-1423.6.188.195 (ClassC)
2024-12-1723.37.214.143 (ClassC)
2024-12-2823.5.8.183 (ClassC)
2025-02-2523.10.213.253 (ClassC)
2025-03-3123.196.206.53 (ClassC)
2025-05-0523.38.235.194 (ClassC)
2025-05-14184.24.149.240 (ClassC)
2025-07-1123.37.214.92 (ClassC)
2025-08-022.19.133.188 (ClassC)
2025-08-0523.196.155.28 (ClassC)

Port 80

Port 443

Subdomains
DateDomainIP
caadi-7001.dhs.gov2025-02-1423.193.86.171
staging1.dhs.gov2023-08-25104.108.87.202
edit.staging1.dhs.gov2023-08-25104.108.87.202
chemsecv1.dhs.gov2023-08-2623.198.171.201
testintd8.dhs.gov2023-08-25104.108.87.202
edit-testintd8.dhs.gov2023-08-25104.108.87.202
www.usfa.dhs.gov2024-03-1223.196.195.112
media.dhs.gov2024-03-1123.196.195.112
staging-media.dhs.gov2023-08-25104.108.95.151
edit-staging-media.dhs.gov2023-08-25104.108.95.151
edit-media.dhs.gov2023-08-2523.196.202.110
testint-media.dhs.gov2023-08-25104.108.95.151
edit-testint-media.dhs.gov2023-08-25104.108.95.151
preview-media.dhs.gov2023-08-26104.100.58.85
edit-preview-media.dhs.gov2024-03-1123.196.196.228
adfs.fema.dhs.gov2025-08-01161.214.13.13
ocio-github.cisa.dhs.gov2025-01-1344.223.142.132
dev-ocio-github.cisa.dhs.gov2025-01-2144.223.142.132
eum.cisa.dhs.gov2025-08-0352.87.28.172
tableau.cisa.dhs.gov2025-01-1352.5.3.33
devtableau.cisa.dhs.gov2024-12-263.215.203.1
dac3.tsa.dhs.gov2025-07-22216.81.80.15
lsmash.tsa.dhs.gov2025-08-05216.81.80.62
mail.lsmash.tsa.dhs.gov2025-08-05216.81.80.32
mdm.lsmash.tsa.dhs.gov2025-07-18216.81.80.31
admin.lsmash.tsa.dhs.gov2025-05-21216.81.80.46
vpn.lsmash.tsa.dhs.gov2025-08-05173.255.51.77
auth.tsa.dhs.gov2025-05-2134.223.206.18
authid-test.tsa.dhs.gov2025-04-1434.223.206.18
www.tsa.dhs.gov2014-03-06165.254.206.112
cisomb.dhs.gov2015-03-1723.61.68.56
staging.cisomb.dhs.gov2023-08-25184.84.195.134
share-pub.dhs.gov2024-07-17184.24.193.104
nccad.dhs.gov2023-08-26104.100.58.85
dhscube.dhs.gov2024-03-1223.209.30.100
icecmg1.ice.dhs.gov2024-08-0352.188.120.106
isccompliance.dhs.gov2023-08-2623.198.171.201
code.dhs.gov2023-08-2523.196.115.217
engage.dhs.gov2023-10-3023.209.30.100
staging-engage.dhs.gov2024-01-1023.6.249.19
share.dhs.gov2024-01-09104.81.184.90
tripwire.dhs.gov2023-08-26104.100.58.85
stage.tripwire.dhs.gov2023-08-26104.100.58.85
oig.dhs.gov2023-08-2623.198.171.201
staging-oig.dhs.gov2023-08-25104.108.95.151
edit-staging-oig.dhs.gov2023-08-25104.108.95.151
edit-oig.dhs.gov2023-08-2523.196.202.110
testint-oig.dhs.gov2023-08-25104.108.95.151
edit-testint-oig.dhs.gov2023-08-25104.108.95.151
preview-oig.dhs.gov2024-03-0723.196.195.112
edit.preview-oig.dhs.gov2024-03-1123.196.196.228
hotline.oig.dhs.gov2024-12-2645.223.161.1
staging-hotline.oig.dhs.gov2025-03-1523.6.244.63
www.oig.dhs.gov2015-04-07199.83.134.9
staging.dhs.gov2023-08-25104.108.95.151
isccompliance-staging.dhs.gov2023-08-26104.100.58.85
maestro-staging.dhs.gov2024-03-1223.196.196.228
regscale-maestro-staging.dhs.gov2024-01-0823.37.210.232
wcms-staging.dhs.gov2023-08-25104.108.87.202
edit-wcms-staging.dhs.gov2023-08-25104.108.87.202
edit-staging.dhs.gov2023-08-25104.108.95.151
scitech.dhs.gov2023-08-26104.100.58.85
search.dhs.gov2024-08-023.163.165.26
rfi.dhs.gov2024-03-1123.196.197.213
hsi.dhs.gov2024-07-2823.210.151.4
cvi.dhs.gov2023-08-26104.100.58.85
uvi.dhs.gov2023-08-2523.209.30.100
dhsprecheck.dhs.gov2023-08-2523.63.54.118
staging-dhsprecheck.dhs.gov2023-08-25104.108.87.202
edit-staging-dhsprecheck.dhs.gov2023-08-25104.108.87.202
edit-dhsprecheck.dhs.gov2023-08-2523.196.196.228
testint-dhsprecheck.dhs.gov2023-08-25104.108.87.202
edit-testint-dhsprecheck.dhs.gov2023-08-25104.108.87.202
preview.dhsprecheck.dhs.gov2023-08-2523.196.119.128
edit-preview.dhsprecheck.dhs.gov2024-03-1123.196.196.228
iscd-portal.dhs.gov2023-08-26104.100.58.85
csat-portal.dhs.gov2024-01-0769.192.80.120
acm.dhs.gov2024-07-31173.255.60.153
casm.dhs.gov2023-10-04216.81.85.199
int.casm.dhs.gov2020-07-17216.81.95.1
dev.casm.dhs.gov2025-07-18173.255.58.176
cvium.dhs.gov2023-08-26104.100.58.85
hsin.dhs.gov2024-03-1123.196.197.213
csat-registration.dhs.gov2024-03-1223.198.171.201
learn.dhs.gov2023-08-2523.37.217.177
myoido.dhs.gov2024-03-1223.209.30.100
View on OTX | View on ThreatMiner








Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]



� Copyright 2019 AlienVault, Inc. | Legal| Status| Do Not Sell My Personal Information