Domain > elefant.ru

More information on this domain is in AlienVault OTX

Files that talk to elefant.ru

MD5	A/V
EED6D0908A6ED6D54AB18F1E7EA418A3
c71b12244ff728b57731381193e62cc3	[Worm*Win32/Verst.A] [Win32/Heur] [W32/Autorun.worm.bcf] [Win.Worm.Palevo-3534]
f2826d8c314b6f4a055527f5dcc731dd	[Worm*Win32/Verst.A] [Win32/Heur] [W32/Autorun.worm.bcf] [Worm.Autorun-9885] [WORM/Autorun.cchs]
70854fb3717d8e692a4a79c347a91021	[Win32/FakeFLDR_i] [Worm.Verst.A] [Trojan.PWS.OSMP.17] [Win32/Kryptik.BTFN] [W32/Kryptik.ANS!tr] [Luhe.Fiha.E] [Trojan.Win32.DNSChanger] [Trojan.Dropper] [W32/Autorun.worm.bcf] [Worm*Win32/Verst.A] [Worm.Win32.Verst.a] [Mal/EncPk-MX] [WORM_VERST.SM] [Worm.Autorun.01133]
748CE51A192DE6215D386DC8CBA2318F
182f08870c22e4f41b20bc0c72040e63	[Worm*Win32/Verst.A] [Win32/Heur] [W32/Autorun.worm.bcf] [Worm.Autorun-9885] [WORM/Autorun.cchs]
e2f6464abdba14d2ceb66916affd070d	[Win32/Sality] [W32.Sality] [W32/Autorun.worm.bcf] [W32/Sality.s] [Virus*Win32/Sality.T]
f5ad6be82ab101e2a1e92bb21884a2f8	[Worm*Win32/Verst.A] [Win32/Heur] [W32/Autorun.worm.bcf] [Win.Worm.Palevo-3534]
af63eaf76efd27aa88e89b60805bd311	[Win32/Virut] [Worm*Win32/Verst.A] [W32/Autorun.worm.bcf] [Worm.Autorun-9885]
C8B030C8C68ABF308F8B074BF0878B6F
fcf22c940acb461bd66964021f47c0f3	[Virus*Win32/Sality.R] [W32.Sality-7]
D34990862AEE318C3C4C9A64EB87F020
030F521773150DB68D1CA7F3C31F41F9
0325a73bdd931bb9efb6491f43401a2e	[P2P.Worm.Palevo.dbuk] [W32/Backdoor.YNLM-3278] [Worm/Verst.A.51] [Win32/Verst.C] [Worm.Verst.A] [BackDoor.Pushnik.19] [W32/Kryptik.ANS!tr] [Win32/Heur] [P2P-Worm.Win32.Palevo] [P2P-Worm.Win32.Palevo.dbuk] [Trojan.Dropper] [W32/Autorun.worm.bcf] [Worm*Win32/Verst] [Worm.Win32.Verst.a] [Mal/EncPk-MX] [W32.SillyDC] [WORM_VERST.SM] [Worm.Autorun.01133]
315F824B529FB2CF66BFEBA16F28E6C5
DADF89F4235004CE0DBA1CF1D8C77B3E
00d75b02a237e896e653b5108cc730c5	[Win32/FakeFLDR_i] [Worm.Verst.A] [Worm.Autorun-9885] [BackDoor.Pushnik.15] [W32/Kryptik.ANS!tr] [Win32/Heur] [Trojan.Win32.Ransom] [Trojan.Dropper] [W32/Autorun.worm.bcf] [Worm*Win32/Verst.A] [Worm.Win32.Verst.a] [Mal/EncPk-MX] [WORM_VERST.SM] [Worm.Autorun.01133]
81FD7838BBF7AB58F3F597D339F07C72
356ecfafdd92784b2054d3d42656de84	[Win32/FakeFLDR_i] [Win.Worm.Palevo-3534] [BackDoor.Pushnik.21] [W32/Kryptik.ANS!tr] [Win32/Heur] [P2P-Worm.Win32.Palevo] [Trojan.Dropper] [W32/Autorun.worm.bcf] [Worm*Win32/Verst.A] [Worm.Win32.Verst.a] [Mal/EncPk-MX] [WORM_VERST.SM] [Worm.Autorun.01133] [Worm.Palevo.Win32.43424]
48729aec7fdc71706f6c30981c7f3589	[Win32/Heur] [W32/Autorun.worm.bcf] [Worm.Autorun-9885]

DNS Resolutions

Date	IP Address
2014-03-05	213.189.197.6 (ClassC)
2016-05-23	78.24.223.72 (ClassC)
2018-05-06	188.120.244.242 (ClassC)
2018-06-04	109.70.26.37 (ClassC)
2018-06-04	194.85.61.76 (ClassC)
2018-08-21	92.53.96.44 (ClassC)
2020-04-17	92.53.112.89 (ClassC)
2021-02-03	5.23.50.190 (ClassC)
2024-06-21	31.177.76.32 (ClassC)
2025-10-14	31.177.80.70 (ClassC)
2025-10-26	31.177.76.70 (ClassC)
2026-02-24	31.31.205.163 (ClassC)

HTTP/1.1 200 OKServer: nginx/1.14.1Date: Wed, 08 May 2019 10:08:09 GMTContent-Type: text/html; charsetutf-8Content-Length: 4161Connection: keep-aliveVary: Accept-EncodingLast-Modified: Tue, 19 Jun 201

!DOCTYPE html PUBLIC -//W3C//DTD XHTML 1.1//EN http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd>	html xmlnshttp://www.w3.org/1999/xhtml xml:langen>head>		title>Сотрудничество/title>		meta http-equivContent-Type contenttext/html; charsetUTF-8>		meta namekeywords contentдомен, форум>		meta namedescription contentзакрытый форум>				link relstylesheet typetext/css hrefstyle.css>				style typetext/css>/style>	/head>	body	oncontextmenureturn false oncopyreturn false; oncontextmenureturn false onselectstartreturn false;>	    br />	div aligncenter>	img src/golliardo.gif width361 height73> br>	/div>	  	p aligncenter> 	  br />	  br />	  br />	  br />	  br />	font facePalatino Linotype, Book Antiqua, Palatino, serif size6>	  script>	document.write(document.domain.toUpperCase());	   /script>	  br />	  script>	var language  navigator.userLanguage || navigator.language;	if (language  ru){	document.write(Правильный, надежный и выгодный домен.);	}else{	document.write(Right, solid, valuable domain name.);	}	   /script>	br />	  	  a hrefhttps://www.nic.ru/cgi/whois_webmail.cgi target_blank>	  script>	if (language  ru){	document.write(Отправить сообщение без регистрации сейчас);	}else{	document.write(Contact current registrant right now);	}	   /script>	  /a>	  script>	      var links  document.getElementsByTagName(a);		  links0.onclick  function () {		if (language  ru){//		  this.href  https://www.nic.ru/cgi/whois_webmail.cgi?domain + document.domain;		  this.href  https://www.nic.ru/whois/send-message/?domain + document.domain;		}else{//		  this.href  https://www.nic.ru/en/cgi/whois_webmail.cgi?domain + document.domain;		  this.href  https://www.nic.ru/en/whois/send-message/?domain + document.domain;		}	    }	   /script>	  /font>font facePalatino Linotype, Book Antiqua, Palatino, serif>br />	  br />	  br />	  br />	  br />	/font>/p>	p aligncenter> 	  font facePalatino Linotype, Book Antiqua, Palatino, serif size1>br />	  Это�

Subdomains

Date	Domain	IP
www.elefant.ru	2026-01-29	31.31.205.163

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

Domain > elefant.ru

Is this malicious?

Files that talk to elefant.ru

DNS Resolutions

Port 80

Subdomains