Domain > ghgproviders.com

More information on this domain is in AlienVault OTX

DNS Resolutions

Date	IP Address
2019-12-12	13.32.83.108 (ClassC)
2019-12-12	13.32.83.46 (ClassC)
2019-12-12	13.32.83.87 (ClassC)
2019-12-12	52.85.34.5 (ClassC)
2019-12-12	52.85.34.90 (ClassC)
2020-07-02	13.249.120.10 (ClassC)
2020-07-31	13.226.50.77 (ClassC)
2020-07-31	13.226.50.101 (ClassC)
2020-07-31	13.226.50.120 (ClassC)
2020-08-01	13.249.40.29 (ClassC)
2020-08-01	13.249.40.30 (ClassC)
2020-08-01	13.249.40.52 (ClassC)
2020-08-17	13.33.60.51 (ClassC)
2020-08-17	13.33.60.87 (ClassC)
2020-08-17	13.33.60.125 (ClassC)
2020-08-17	13.33.60.3 (ClassC)
2022-09-15	3.224.159.114 (ClassC)
2024-03-01	52.202.41.241 (ClassC)
2024-03-07	52.206.232.182 (ClassC)
2024-05-05	34.195.173.124 (ClassC)
2024-06-21	54.166.219.132 (ClassC)
2024-07-03	3.231.234.198 (ClassC)
2024-07-30	3.226.46.55 (ClassC)
2024-08-30	3.214.186.219 (ClassC)
2024-09-15	52.202.200.151 (ClassC)
2024-09-25	3.221.194.5 (ClassC)
2024-10-06	44.213.145.148 (ClassC)
2024-12-02	3.235.221.80 (ClassC)
2024-12-06	107.20.7.199 (ClassC)
2024-12-25	18.205.230.49 (ClassC)
2024-12-26	54.157.129.238 (ClassC)
2025-02-05	44.217.92.156 (ClassC)
2025-03-28	100.25.32.158 (ClassC)
2025-03-31	52.20.161.190 (ClassC)
2025-05-05	52.205.196.30 (ClassC)
2025-05-07	52.23.133.198 (ClassC)
2025-06-25	3.222.130.8 (ClassC)
2025-07-13	54.236.220.89 (ClassC)
2025-08-17	44.216.66.205 (ClassC)
2025-08-27	3.224.111.99 (ClassC)
2025-09-02	34.195.4.136 (ClassC)
2025-09-24	34.196.56.231 (ClassC)
2025-11-02	44.205.51.169 (ClassC)
2025-12-21	3.214.170.132 (ClassC)
2026-01-16	52.86.192.186 (ClassC)

HTTP/1.1 200 OKDate: Thu, 07 Mar 2024 18:20:29 GMTContent-Type: text/html; charsetUTF-8Content-Length: 2102Connection: keep-aliveServer: ApacheUpgrade: h2,h2cSet-Cookie: PHPSESSID7u7ahjmgihtp5kcigmsin

!DOCTYPE html>html >head>    meta charsetUTF-8>    title>Genuine Health Group/title>      link relstylesheet hrefhttps://cdnjs.cloudflare.com/ajax/libs/meyer-reset/2.0/reset.min.css>    link relstylesheet prefetch hrefhttps://fonts.googleapis.com/css?familyRoboto:400,100,300,500,700,900|RobotoDraft:400,100,300,500,700,900>    link relstylesheet prefetch hrefhttps://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css>    link relstylesheet hrefcss/style.css>  /head>form action/index.php methodPOST namefrom_login enctypemultipart/form-data onSubmitVFForm();return false;>input typehidden names_for value>input typehidden nametype value>body>script typetext/javascript>!--function OnLogin(){    myform  document.from_login;    //var stype  individual;        if(myform.user_name.value.length  0){        alert(Please enter your Email!);        return false;    }    if(myform.password.value.length  0){        alert(Please choose a password!);        return false;    }    myform.type.value  user;    myform.s_for.value  login_user;    //alert(myform.s_for.value);    myform.submit();}//-->/script>  !-- Form Mixin-->!-- Input Mixin-->!-- Button Mixin-->!-- Pen Title-->div classpen-title>  h1>Genuine Health Group/h1>span>a hrefhttps://www.genuinehealthgroup.com/>Genuine Health Group/a>/span>/div>!-- Form Module-->div classmodule form-module>                                      div classform>    h2>Login to your account/h2>    form>      input typetext nameuser_name placeholderUsername/>      input typepassword namepassword  placeholderPassword/>    center>button onClickOnLogin()>Login/button>/center>    /form>  /div>  div classcta>a href#>Forgot your password?/a>/div>/div>    script srchttp://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js>/script>    script srcjs/index.js>/script>/body>/form>/html>

Subdomains

Date	Domain	IP
www.ghgproviders.com	2024-12-06	34.235.71.14

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

Domain > ghgproviders.com

Is this malicious?

DNS Resolutions

Port 80

Port 443

Subdomains