Domain > ngrok.com

More information on this domain is in AlienVault OTX

Files that talk to ngrok.com

MD5	A/V
468ccdc4e7db0b15ea491b9c1de8e6b1
fdd7b67a4fd955fce3ef50bb16bde7d3	[Backdoor.NJBot.MSIL] [Backdoor.Ratenjay] [Win.Backdoor.Bladabindi-1] [Trojan.Win32.DownLoader11.cxfbrl] [Troj/Bladabi-V] [Backdoor.MSIL.Bladabindi.A] [BackDoor.Bladabindi.1056] [BehavesLike.Win32.BackdoorNJRat.mm] [Backdoor:MSIL/Bladabindi.AL] [Trojan.MSIL.Bladabindi] [MSIL/Bladabindi.Q!tr] [PSW.ILUSpy]
52c4daf2a840aab98c243db0334f7fe2

Whois

Property	Value
Email	F5EE09C3BCE846E3BEECDF8266D2F61C.PROTECT@WHOISGUARD.COM
NameServer	NS-1552.AWSDNS-02.CO.UK
Created	2013-03-18 00:00:00
Changed	2015-03-08 00:00:00
Expires	2017-03-18 00:00:00
Registrar	ENOM, INC.

DNS Resolutions

Date	IP Address
2013-11-13	173.255.204.192 (ClassC)
2016-04-07	198.58.102.42 (ClassC)
2016-04-08	45.33.127.226 (ClassC)
2016-04-09	198.58.107.51 (ClassC)
2018-11-08	52.25.124.181 (ClassC)
2019-05-05	52.41.214.241 (ClassC)
2019-05-06	54.68.226.153 (ClassC)
2019-11-04	52.42.164.6 (ClassC)
2019-11-07	52.32.88.99 (ClassC)
2019-11-13	52.43.45.18 (ClassC)
2019-12-03	34.211.12.31 (ClassC)
2021-01-15	54.218.215.34 (ClassC)
2021-01-18	54.244.165.26 (ClassC)
2023-08-26	34.211.83.157 (ClassC)
2023-09-29	44.234.65.150 (ClassC)
2023-11-12	34.210.2.84 (ClassC)
2023-12-01	54.149.139.58 (ClassC)
2024-01-11	35.87.166.80 (ClassC)
2024-01-27	35.89.85.219 (ClassC)
2024-02-11	35.87.54.183 (ClassC)
2024-04-19	34.214.56.111 (ClassC)
2024-05-24	34.220.8.67 (ClassC)
2024-06-08	34.219.99.10 (ClassC)
2024-07-01	34.220.143.141 (ClassC)
2024-11-09	34.222.178.168 (ClassC)
2024-12-04	54.212.130.123 (ClassC)
2024-12-12	34.212.23.211 (ClassC)
2024-12-16	52.12.198.198 (ClassC)
2025-01-04	35.92.55.128 (ClassC)
2025-05-28	13.56.217.111 (ClassC)
2025-05-31	184.72.44.51 (ClassC)
2025-06-30	54.193.184.75 (ClassC)
2025-07-11	50.18.8.146 (ClassC)
2025-07-14	52.8.87.87 (ClassC)
2025-07-25	54.183.107.205 (ClassC)
2025-08-06	13.57.100.232 (ClassC)
2025-09-23	184.169.177.238 (ClassC)
2025-10-23	52.53.65.125 (ClassC)
2026-01-19	13.57.90.134 (ClassC)
2026-01-25	13.52.160.34 (ClassC)

HTTP/1.1 200 OKDate: Fri, 15 Jan 2021 21:05:51 GMTContent-Type: text/html; charsetutf-8Content-Length: 20998Connection: keep-aliveVary: Accept-EncodingX-Frame-Options: DENYX-XSS-Protection: 1; modeblo

!doctype html>html langen>  head>    meta charsetutf-8>    title>ngrok - secure introspectable tunnels to localhost/title>    meta nameviewport contentwidthdevice-width, initial-scale1, maximum-scale1>    meta namedescription contentngrok secure introspectable tunnels to localhost webhook development tool and debugging tool>    meta nameauthor contentinconshreveable>	link href/static/css/normalize.min.css relstylesheet typetext/css>	link href/static/css/webflow.min.css relstylesheet typetext/css>	link href/static/css/ngrok.webflow.min.css relstylesheet typetext/css>    link relstylesheet href/static/css/base.min.css?t2021-01-15%2021%3A05%3A03.071643 />	script src/static/js/jquery-3.4.1.min.js typetext/javascript>/script>	link href/static/img/favicon.png relshortcut icon typeimage/x-icon>        style>  .typed-text {text-decoration-color: #FA8080;        text-decoration-skip-ink: none;}  a:link {text-decoration-color: #FA8080;}/style>    script>      (function(i,s,o,g,r,a,m){iGoogleAnalyticsObjectr;irir||function(){      (ir.qir.q||).push(arguments)},ir.l1*new Date();as.createElement(o),      ms.getElementsByTagName(o)0;a.async1;a.srcg;m.parentNode.insertBefore(a,m)      })(window,document,script,//www.google-analytics.com/analytics.js,ga);      ga(create, UA-41575845-1, ngrok.com);      ga(send, pageview);    /script>    !-- Start Visual Website Optimizer Asynchronous Code -->script typetext/javascript>var _vwo_code(function(){var account_id318334,settings_tolerance2000,library_tolerance2500,use_existing_jqueryfalse,/* DO NOT EDIT BELOW THIS LINE */ffalse,ddocument;return{use_existing_jquery:function(){return use_existing_jquery;},library_tolerance:function(){return library_tolerance;},finish:function(){if(!f){ftrue;var ad.getElementById(_vis_opt_path_hides);if(a)a.parentNode.removeChild(a);}},finished:function(){return f;},load:function(a){var bd.createElement(script);b.srca;b.typetext/javascript;b.innerText;b.onerrorfunction(){_vwo_code.finish();};d.getElementsByTagName(head)0.appendChild(b);},init:function(){s

Subdomains

Date	Domain	IP
tunnel.us-cal-1.ngrok.com	2025-03-01	52.53.75.151
tunnel.sa.ngrok.com	2025-03-15	18.228.107.150
download.ngrok.com	2025-04-27	184.72.44.51
dashboard.ngrok.com	2024-08-19	184.72.44.51
crl.ngrok.com	2024-03-14	18.65.229.65
cdn.ngrok.com	2024-10-07	50.18.8.146
tunnel.in.ngrok.com	2025-03-21	13.232.212.61
tunnel.jp.ngrok.com	2025-03-21	54.178.247.185
docs.ngrok.com	2025-10-05	3.101.222.125
assets.ngrok.com	2025-01-17	3.163.158.41
tunnel.us.ngrok.com	2025-05-14	3.20.27.198
tunnel.eu.ngrok.com	2025-04-27	3.125.92.105
www.ngrok.com	2024-08-10	34.212.23.211

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

Domain > ngrok.com

Is this malicious?

Files that talk to ngrok.com

Whois

DNS Resolutions

Port 80

Port 443

Subdomains