Domain > gomelnews.ru

Welcome! Right click nodes and scroll the mouse to navigate the graph.

More information on this domain is in AlienVault OTX

Files that talk to gomelnews.ru

MD5	A/V
e6955678f01a142d7f00244387111df5	[BehavesLike.JS.ExploitBlacole.zx] [TrojanDownloader:JS/Swabfex.A] [Trojan-Downloader.JS.Swabfex]
656695bcf43bb43df13bd988ce5a0bf7	[HW32.Packed.7B6C]
2520413960ef0e870ccb53dc1b26880d	[HW32.Packed.855E] [W32/Injector.CNCL!tr] [Win32.Trojan.Bp-ransomware.Ejqz]
2240252bc67ffecebabbbe29671af8a8	[Trojan/W32.Bitman.367104] [Trojan.Dropper] [Win32/Filecoder.EM] [Trojan-Ransom.Win32.Bitman.aay] [Trojan.Win32.Ransom.367104.B[h]] [Win32.Trojan.Bp-ransomware.Ejqz] [Trojan.Inject1.43628] [Trojan[Ransom]/Win32.Bitman] [Ransom:Win32/Tescrypt.E] [Trojan/Win32.NgrBot] [Trojan.Ransom.TeslaCrypt] [Trojan.Win32.Filecoder] [PossibleThreat.P0] [Crypt5.OZK] [Adware.Win32.iBryte.EGFB]
40e091af6c5f60016e99d77f58654fbb	[HW32.Packed.5840] [Ransom.TeslaCrypt] [Trojan.Win32.AVKill.dyyaby] [Ransom_CRYPTESLA.SM] [Trojan.Win32.Yakes.nonx] [Trojan.Yakes!mYjlaV8AwuU] [BehavesLike.Win32.PWSZbot.fh] [Mal/Ransom-DL] [TR/Crypt.ZPACK.218188] [W32/Injector.CNCL!tr] [Trojan/Win32.Yakes] [Ransom:Win32/Tescrypt.E] [Trojan.Kryptik] [Zbot.AKGE] [Trojan.Win32.Yakes.nonx]
1d48748f9ee60b0627cb1f563757b207
45683c29a36ef8a15f216d7c4b2af822
77290f994d05ad0add5768c9c040dc55
a52ab3a80796c11ad604da90354928cd
e7e841fb2bd490cfefb4cf398a7af965
aaf2def4342c1e1bf93d07310c2b6cea	[JS/Locky.P!Eldorado] [JS/Locky.P!Eldorado] [JS/Dldr.Locky.LD] [JS/Nemucod.JL!tr]
519d29f0a446f0255d8f022160d06932	[JS.Trojan.Nemucod.bz] [JS/Locky.P!Eldorado] [JS.Downloader] [JS/TrojanDownloader.Nemucod.MV] [Js.Dldr.Locky!c] [Mal/JSDldr-C] [Trojan-Downloader:JS/Locky.F] [JS.DownLoader.1181] [BehavesLike.JS.ObfuscatedScript.xv] [JS/Locky.P!Eldorado] [TrojanDownloader:JS/Locky.A] [HEUR.JS.Trojan.b] [JS/Obfus.S19] [JS/Nemucod.fo] [Trojan-Ransom.Script.Locky] [JS/Nemucod.JL!tr]

DNS Resolutions

Date	IP Address
2013-08-27	37.200.67.2 (ClassC)
2025-08-11	185.197.163.65 (ClassC)

HTTP/1.1 200 OKServer: nginxDate: Sun, 03 Dec 2023 15:11:56 GMTContent-Type: text/html; charsetcp-1251Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingExpires: Thu, 19 Nov 1981 08:

!DOCTYPE html PUBLIC -//W3C//DTD XHTML 1.0 Transitional//EN http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd>html xmlnshttp://www.w3.org/1999/xhtml xml:langru langru>head>title>������� ������ � �������/title>meta http-equivContent-Type contenttext/html; charsetwindows-1251 />meta namedescription content��� ������� ������ />meta namekeywords content������ ������� ������� ����� ���������� ������� />meta namerobots contentall />meta namerevisit-after content1 days />link relsearch typeapplication/opensearchdescription+xml hrefhttp://gomelnews.ru/engine/opensearch.php title������� ������ � ������� />link relalternate typeapplication/rss+xml title������� ������ � ������� hrefhttp://gomelnews.ru/rss.xml />link relshortcut icon href/templates/gomelnews/images/favicon.ico />style typetext/css mediaall>@import url(/templates/gomelnews/css/main.css);/style>script typetext/javascript src/templates/gomelnews/js/jquery-1.2.6.pack.js>/script>script typetext/javascript src/templates/gomelnews/js/stepcarousel.js>/script>script typetext/javascript src/templates/gomelnews/js/tabcontent.js>/script>/head>body classpagebg>script languagejavascript typetext/javascript>!--var dle_root        /;var dle_admin       ;var dle_login_hash  ;var dle_skin        gomelnews;var dle_wysiwyg     no;var quick_wysiwyg   0;var menu_short      ������� ��������������;var menu_full       ������ ��������������;var menu_profile    �������� �������;var menu_fnews      ����� ��� ����������;var menu_fcomments  ����� ��� �����������;var menu_send       ��������� ���������;var menu_uedit      ����������;var dle_req_field   ��������� ��� ����������� ����;var dle_del_agree   �� ������������� ������ �������? ������ �������� ���������� ����� ��������;var dle_del_news    ������� �������;var dle_login_hash  ;var allow_dle_delete_news    false;//-->/script>script typetext/javascript src/engine/ajax/menu.js>/script>script typetext/javascript src/engine/ajax/dle_ajax.js>/script>div idloading-layer styledisplay:none;font-family: Verdana;font-size: 11px;width:

Subdomains

Date	Domain	IP

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

Domain > gomelnews.ru

Is this malicious?

Files that talk to gomelnews.ru

DNS Resolutions

Port 80

Port 443

Subdomains