Domain > gate01.ori.net

More information on this domain is in AlienVault OTX

Property	Value
NameServer	NS2.ORI.NET
Created	1996-08-21 00:00:00
Changed	2015-08-08 00:00:00
Expires	2016-08-20 00:00:00
Registrar	TUCOWS DOMAINS INC.

DNS Resolutions

Date	IP Address
2026-02-15	208.72.105.243 (ClassC)

HTTP/1.1 200 OKCache-Control: privateContent-Type: text/html; charsetutf-8Server: Microsoft-IIS/10.0Set-Cookie: ASP.NET_SessionIdsxk5m2stck2gxigbb5ggzksr; path/; HttpOnly; SameSiteLaxX-AspNet-Version:

HTML>	HEAD>      script srcdist/js/WebQuarantineScripts.js?v>/script>	            script typetext/javascript>            $(document).ready(function () {                $(#isMobileField).val(isMobile.any());            });            //javascript detect            function cj() {                var tmpcookie  new Date();                chkcookie  (tmpcookie.getTime() + );                document.cookie  chkcookie + chkcookie + ; path/;                if (document.cookie.indexOf(chkcookie, 0) > 0) {                    $(#hidCookiesEnabled).val(True);                }                $(#LocalTimeZone).val((new Date().getTimezoneOffset() * -1));                $(#Default).attr(action, Default.aspx + window.location.search);                $(#Default).submit();            }		        /script>    /HEAD>	body onloadcj();>		form nameDefault methodpost actionDefault.aspx idDefault>input typehidden name__VIEWSTATE id__VIEWSTATE value/wEPDwULLTIxNDI1MDYwMThkZEdpE1o8grdCoGCZcY1AC8xn2ble2B3uW59ltTSHGZ0k />input typehidden name__VIEWSTATEGENERATOR id__VIEWSTATEGENERATOR valueCA0B0334 />input typehidden name__EVENTVALIDATION id__EVENTVALIDATION value/wEdAAQ2+TeTuMwlTNiPk+4OJpKPpu+Pwpge4ST4X2rDW8mC7hX0QjFdRSPM21p7uQGcDm8byKPuE0n4FQi5qyQqhnVziGsMEL0HXZA+O4RSalNP2439v7vS1hokePyV4O/e/DA />			input nameLocalTimeZone typehidden idLocalTimeZone />			input namehidCookiesEnabled typehidden idhidCookiesEnabled valuefalse />	            input nameisMobileField typehidden idisMobileField />				/form>		/body>/HTML>

Port 443

HTTP/1.1 200 OKCache-Control: privateContent-Type: text/html; charsetutf-8Server: Microsoft-IIS/10.0Set-Cookie: ASP.NET_SessionIdbzfjuy0txo2dy0a1z0hvgq0k; path/; HttpOnly; SameSiteLaxX-AspNet-Version:

Subdomains

Date	Domain	IP
hc10.ori.net	2025-11-01	208.72.105.169
gate01.ori.net	2026-02-15	208.72.105.243
mail01.ori.net	2025-11-26	208.72.105.73
ns2.ori.net	2025-11-27	208.72.105.2
web05.ori.net	2026-01-07	208.72.105.22
ns5.ori.net	2025-11-27	208.72.105.250
web06.ori.net	2026-02-07	208.72.105.24
hc.ori.net	2025-12-27	208.72.105.169
gate.ori.net	2026-02-07	208.72.105.243
billing.ori.net	2025-11-25	208.72.105.21
portal.ori.net	2025-10-07	208.72.105.169
mail.ori.net	2025-11-26	208.72.105.15
spam.ori.net	2025-11-27	208.72.105.243
spamtrap.ori.net	2025-11-26	208.72.105.243
wpcp.ori.net	2025-11-26	208.72.105.93
dhcpbatcher.ori.net	2025-10-29	208.72.105.18
router.ori.net	2025-06-03	204.246.191.31
www.router.ori.net	2025-04-12	204.246.191.2
autodiscover.ori.net	2025-11-16	208.72.105.73
unms.ori.net	2025-11-26	208.72.105.254
www.ori.net	2025-11-25	3.16.132.205
qualify.ori.net	2025-11-25	208.72.105.169

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

MD5	A/V
a480649c0695ca403c2650c2f5ec4796	[HW32.CDB.6149] [Packed.Win32.Katusha.1!O] [Trojan.FakeAV] [Kryptik.CCFN] [Win32/Kelihos.QbYCJQ] [Backdoor.Win32.Hlux.dqiv] [Backdoor.Hlux!zx6Z3QU4CJg] [Backdoor.Win32.Hlux.DUHE] [Trojan.Packed.26581] [Trojan[Backdoor]/Win32.Hlux] [Backdoor:Win32/Kelihos.F] [W32/Trojan.TGXU-8116] [Trojan/Win32.Tepfer] [Heur.Trojan.Hlux] [Win32.Backdoor.Hlux.Lmai] [Trojan.Crypt_s] [W32/Hlux.BWUN!tr.bdr] [Crypt_s.GNC] [Trojan.Win32.Kryptik.bCBCJ]

Domain > gate01.ori.net

Is this malicious?

Files that talk to gate01.ori.net

Whois

DNS Resolutions

Port 80

Port 443

Subdomains