Domain > nhs.uk

More information on this domain is in AlienVault OTX

Is this malicious?

Most users have voted this as not malicious

Files that talk to nhs.uk

MD5	A/V
292ad75fbab2288a453c7f7db162eed0	[HW32.CDB.A2b5] [Packed.Win32.Katusha.3!O] [Backdoor.Hlux!xuwpKhCjMA8] [WS.Reputation.1] [Kryptik.CDQY] [Backdoor.Win32.Hlux.dqzg] [UnclassifiedMalware] [Trojan.Packed.26581] [Trojan[Backdoor]/Win32.Hlux] [Backdoor:Win32/Kelihos] [W32/Trojan.HATR-5126] [Heur.Trojan.Hlux] [Trojan.Crypt_s] [W32/Kryptik.BWUN!tr] [Crypt_s.GNC] [Backdoor.Win32.Hlux.Aj] [Win32/Trojan.112]
833009a54c295a72ad64ab0941f482fe	[Suspicious.Cloud.5] [Kryptik.CCFN] [TrojWare.Win32.Kryptik.BZOO] [Trojan.DownLoad3.28912] [TR/Crypt.EPACK.9220] [Heuristic.BehavesLike.Win32.Suspicious-BAY.K] [Mal/FakeAV-UF] [Trojan/Win32.Tepfer] [Heur.Trojan.Hlux] [Win32.SuspectCrc] [W32/Hlux.BWUN!tr.bdr] [Crypt_s.GIF] [Trojan.Win32.Kryptik.BZOO]
860dd245cbecd656df047b97456d0ad0	[HW32.CDB.9069] [Malware.Packer.FFS] [Heuristic.LooksLike.Win32.Suspicious.E] [PE:Malware.AntiWare!1.9D9B] [W32/Kelihos.KK@mm]
abe19665682ad3e10ba09471775c150b	[Malware.Packer.FFS] [Heuristic.LooksLike.Win32.Suspicious.E]
1E3B4C2E93239CCE2B9793C514BE4767
e21b3469b4fc1efddf76d8c89f1ebb2a	[Malware.Packer.HGX1] [Heuristic.LooksLike.Win32.Suspicious.E] [W32/Kryptik.AXUE!tr]
9d52b8bb0f293d6adf237b964078d566	[HW32.CDB.63e2] [Backdoor.Hlux.r3] [Trojan.Win32.Kryptik.cwzoag] [Kryptik.CCFN] [Backdoor.Win32.Hlux.dnld] [Backdoor.Hlux!zgxT2bGF2IQ] [UnclassifiedMalware] [Trojan.Packed.26544] [Heuristic.LooksLike.Win32.Suspicious.E] [Mal/FakeAV-UF] [Backdoor:Win32/Kelihos] [Trojan/Win32.Tepfer] [W32/Trojan.HFNJ-2013] [Heur.Trojan.Hlux] [Trojan.Win32.Kryptik.CASL] [Win32/Kryptik.CASL] [Backdoor.Win32.Kelihos] [W32/Hlux.CASL!tr.bdr] [Crypt_s.GMK]
0f85c93f59bf57bcc7573e7f8e373c21	[HW32.CDB.47eb] [Backdoor.Hlux.r3] [Backdoor.Hlux!kSgAszTjhZg] [Kryptik.CCFN] [Backdoor.Win32.Hlux.dmru] [Trojan.Win32.Hlux.cwzljo] [Mal/FakeAV-UF] [BackDoor.Slym.13348] [Heuristic.LooksLike.Win32.Suspicious.E] [Trojan[Backdoor]/Win32.Hlux] [Backdoor:Win32/Kelihos] [W32/Trojan.VZXF-1556] [Trojan/Win32.Tepfer] [Heur.Trojan.Hlux] [Win32/Kryptik.CASL] [Trojan.Crypt_s] [W32/Hlux.BWUN!tr.bdr] [Trojan.Win32.Kryptik.CASL]
14a2291e48bd02b528d0c018fee03e86	[HW32.CDB.A3eb] [Packed.Win32.Katusha.3!O] [WS.Reputation.1] [Kryptik.CDQY] [TrojWare.Win32.Kryptik.CBCJ] [Trojan.Packed.26581] [Win32.Troj.Undef.(kcloud)] [Backdoor:Win32/Kelihos.F] [Trojan/Win32.Tepfer] [W32/Trojan.XULT-7356] [Heur.Trojan.Hlux] [Trojan.Crypt_s] [W32/Kryptik.CBCJ!tr] [Crypt_s.GNC]
0d42b2efd88f95f4d5af60b548d7290a	[FraudTool.Security] [W32/Tepfer.MQ!tr] [Win32/Cryptor]
e6d960bf587f5cb1497520fe716f1fb4	[Malware.Packer.FFS] [BackDoor.SlymENT.2075] [Heuristic.LooksLike.Win32.Suspicious.E] [Backdoor:Win32/Kelihos.F] [PE:Malware.XPACK/RDM!5.1]
2bb1e0a0c6f6082824d6fd9d4095bcd0	[Malware.Packer.SCD] [Heuristic.LooksLike.Win32.Suspicious.E] [W32/Kryptik.BDPK!tr]
888cf6888e476ab89daef8385b7ae881	[HW32.CDB.B8e4] [Backdoor.Hlux.r3] [Trojan.Win32.Hlux.cxcinh] [Kryptik.CCFN] [Backdoor.Win32.Hlux.djfk] [Backdoor.Hlux!Jm3TflIszzA] [Mal/Kelihos-A] [TrojWare.Win32.Kryptik.BZOO] [Trojan.DownLoad3.28912] [Trojan[Backdoor]/Win32.Hlux] [Backdoor:Win32/Kelihos] [Trojan/Win32.Tepfer] [Heur.Trojan.Hlux] [Trojan.Crypt_s] [W32/Hlux.BWUN!tr.bdr] [Crypt_s.GHF] [Trojan.Win32.Kryptik.BZIX]
639dd203d5ceeee335bccca69d4e8050	[HW32.CDB.9a0b] [Backdoor.Hlux.r3] [Kryptik.CCFN] [Backdoor.Win32.Hlux.djdi] [Backdoor.Hlux!dcOGw3a4azY] [Mal/Kelihos-A] [TrojWare.Win32.Kryptik.BZOO] [Trojan.DownLoad3.28912] [Trojan[Backdoor]/Win32.Hlux] [Backdoor:Win32/Kelihos] [Trojan/Win32.Tepfer] [Heur.Trojan.Hlux] [Trojan.Crypt_s] [W32/Hlux.BWUN!tr.bdr] [Crypt_s.GHF] [Trojan.Win32.Kryptik.BZIX]
9aa81fa022c0b159758efa1bda4f9be1	[HW32.CDB.A20b] [Packed.Win32.Katusha.3!O] [WS.Reputation.1] [Kryptik.CCFN] [Backdoor.Win32.Hlux.dthd] [UnclassifiedMalware] [BackDoor.Slym.13011] [Backdoor:Win32/Kelihos] [Heur.Trojan.Hlux] [Win32/Kryptik.CBNK] [Win32.Backdoor.Hlux.Hwcu] [Trojan.Crypt3] [W32/Kryptik.BD!tr] [Crypt3.OHL] [Backdoor.Win32.Hlux.Ac]
971d6821a96e8f41da919db02ebc60da	[Malware.Packer.FFS] [Heuristic.LooksLike.Win32.Suspicious.E] [Trojan/Win32.Yakes] [W32/Kelihos.BCEB!tr]
db5b440f6419090cd9567f3b33fd3ced	[Malware.Packer.HGX1] [BackDoor.SlymENT.1498] [Heuristic.LooksLike.Win32.Suspicious.E] [W32/Kryptik.AXUE!tr]
8889d486a91b3448e8b429ef99a536d0	[HW32.CDB.1cb9] [Trojan.Win32.Kryptik.cwzoai] [Kryptik.CCFN] [Backdoor.Win32.Hlux.dnla] [Backdoor.Hlux!yM05ScK42o0] [Trojan.Packed.26544] [Mal/FakeAV-UF] [Backdoor:Win32/Kelihos] [Heur.Trojan.Hlux] [Win32/Kryptik.CASL] [Backdoor.Win32.Kelihos] [W32/Hlux.DNLA!tr.bdr] [Crypt_s.GMK] [Trojan.Win32.Kryptik.CASL] [Win32/Trojan.337]
d38a3646d932d062528aea48d2122315
4be57c95dd1e77ba6b00af63f6c5d79a	[BackDoor.Slym.1498] [BDS/Kelihos.F.5092] [Win32.PSWTroj.Tepfer.hd.(kcloud)] [Backdoor:Win32/Kelihos.F] [Backdoor/Win32.Kelihos] [Backdoor.Win32.Kelihos] [W32/Kelihos.JI!tr]

Whois

Property	Value
Organization	Nominet UK
Email	td@nominet.org.uk
NameServer	DNS2.NIC.UK
Created	1985-07-24 00:00:00
Changed	2015-09-01 00:00:00

DNS Resolutions

Date	IP Address
2009-09-13	217.64.234.29 (ClassC)
2012-02-04	109.123.69.6 (ClassC)
2012-11-26	217.64.234.65 (ClassC)
2013-05-13	83.98.30.176 (ClassC)
2013-08-10	217.33.237.6 (ClassC)
2013-08-20	31.222.155.36 (ClassC)
2013-08-24	213.229.71.78 (ClassC)
2013-09-11	84.45.124.80 (ClassC)
2013-11-10	193.195.78.74 (ClassC)
2014-04-10	91.151.211.148 (ClassC)
2014-05-31	86.28.79.152 (ClassC)
2014-06-06	85.232.51.138 (ClassC)
2014-06-06	109.169.78.149 (ClassC)
2014-06-23	109.123.103.129 (ClassC)
2014-06-23	89.200.142.163 (ClassC)
2014-06-24	80.193.119.90 (ClassC)
2014-06-24	193.62.94.223 (ClassC)
2014-06-24	95.130.103.83 (ClassC)
2014-06-24	54.228.50.73 (ClassC)
2014-06-24	94.236.93.178 (ClassC)
2014-06-25	217.33.237.21 (ClassC)
2014-07-02	212.188.192.232 (ClassC)
2014-07-02	213.121.240.52 (ClassC)
2014-08-11	188.121.60.90 (ClassC)
2014-10-19	85.232.51.231 (ClassC)
2014-10-19	162.13.38.76 (ClassC)
2014-10-19	83.138.161.2 (ClassC)
2014-10-19	92.52.104.22 (ClassC)
2014-10-19	195.224.12.39 (ClassC)
2014-10-30	195.89.24.39 (ClassC)
2014-11-02	31.222.191.107 (ClassC)
2014-11-05	193.61.119.8 (ClassC)
2014-11-05	194.168.132.153 (ClassC)
2014-11-07	161.17.0.33 (ClassC)
2014-11-07	89.145.71.234 (ClassC)
2014-11-07	162.13.38.52 (ClassC)
2014-11-07	83.138.144.227 (ClassC)
2014-11-07	212.250.43.28 (ClassC)
2014-11-09	86.28.79.146 (ClassC)
2014-12-03	149.255.61.6 (ClassC)
2014-12-09	31.222.164.74 (ClassC)
2024-07-15	94.245.104.73 (ClassC)
2025-05-17	4.158.93.42 (ClassC)

Port 80

Port 443

Subdomains

Date	Domain	IP
111.nhs.uk	2023-08-26	184.28.198.97
staging.111.nhs.uk	2023-08-26	92.122.92.43
www.111.nhs.uk	2024-07-25	184.28.198.97
www1.nhs.uk	2025-04-18	217.64.234.65
apply-for-care-identity.care-identity-service2.nhs.uk	2022-02-23	108.159.227.12
mail2.nhs.uk	2014-06-18	62.208.144.158
what0-18.nhs.uk	2025-05-12	45.157.40.144
www.what0-18.nhs.uk	2024-09-12	104.22.71.250
covid-19.nhs.uk	2023-12-20	13.227.74.93
www.covid-19.nhs.uk	2024-07-01	3.163.24.74
covid19.nhs.uk	2023-12-07	3.163.24.96
dev.register.covid19.nhs.uk	2024-11-05	18.65.229.80
dev.covid19.nhs.uk	2025-02-11	3.163.24.54
bau.dev.covid19.nhs.uk	2024-10-08	108.138.94.5
cfa.nhs.uk	2024-08-29	52.56.177.58
northumbria.nhs.uk	2024-09-29	107.154.115.122
www.northumbria.nhs.uk	2025-04-30	45.60.12.138
www.hpa.nhs.uk	2014-09-08	184.84.180.9
hra.nhs.uk	2024-12-06	35.178.153.235
www.hra.nhs.uk	2024-03-11	18.161.6.66
nhsbsa.nhs.uk	2024-11-26	212.84.170.1
connect-a.nhsbsa.nhs.uk	2024-12-29	213.105.55.133
api.card-payment-service.nhsbsa.nhs.uk	2024-11-24	18.134.118.83
buy-prescription-prepayment-certificate.nhsbsa.nhs.uk	2024-11-24	18.132.152.185
request-a-form.nhsbsa.nhs.uk	2024-11-24	18.135.125.60
cms.nhsbsa.nhs.uk	2025-05-16	185.181.127.66
compass.nhsbsa.nhs.uk	2025-05-10	213.107.187.134
tst.api.cvd.pharmacy.mys.nhsbsa.nhs.uk	2024-05-30	35.179.58.170
connect.nhsbsa.nhs.uk	2025-04-30	213.105.55.133
single-user-view.nhsbsa.nhs.uk	2024-11-24	3.9.32.129
www.nhsbsa.nhs.uk	2025-01-16	185.181.127.71
npsa.nhs.uk	2025-03-02	85.232.51.147
author.metadata.nhs.uk	2024-09-04	204.246.191.26
nta.nhs.uk	2025-04-26	151.101.2.30
uhdb.nhs.uk	2025-04-28	51.11.17.98
myid.uhb.nhs.uk	2024-03-10	18.133.25.144
eastamb.nhs.uk	2023-08-27	51.145.101.99
uhmb.nhs.uk	2025-05-06	185.217.40.160
ebusiness.dpb.nhs.uk	2025-05-07	213.107.187.140
hwstaffhub.nhs.uk	2025-05-05	51.11.17.98
clatterbridgecc.nhs.uk	2023-08-27	178.238.129.79
westlondonhcc.nhs.uk	2025-05-02	51.104.28.65
www.commercialsolutions-sec.nhs.uk	2024-08-01	3.248.82.25
www.beaconsidehc.nhs.uk	2014-12-02	83.223.106.8
ghc.nhs.uk	2025-04-29	62.182.18.204
datagov.ic.nhs.uk	2014-06-27	54.230.89.47
ncic.nhs.uk	2025-05-02	45.60.74.41
www.transformingcancercaremc.nhs.uk	2015-03-18	162.159.253.121
noc.nhs.uk	2013-12-10	109.71.120.10
northoftyneapc.nhs.uk	2025-05-04	45.60.20.138
www.northoftyneapc.nhs.uk	2024-12-29	45.60.12.138
ebpc.nhs.uk	2025-04-25	185.230.63.107
shsc.nhs.uk	2025-02-09	35.178.153.235
jarvis.shsc.nhs.uk	2024-09-17	18.161.6.65
www.shsc.nhs.uk	2024-04-23	204.246.191.34
bwc.nhs.uk	2025-04-25	51.11.17.97
intranet.bwc.nhs.uk	2025-04-25	51.104.237.235
northmid.nhs.uk	2024-04-26	51.11.17.97
aovpn.northmid.nhs.uk	2025-01-16	20.90.157.46
nwpgmd.nhs.uk	2025-05-08	20.68.241.136
gpathand.nhs.uk	2023-08-27	99.80.231.80
england.nhs.uk	2024-07-14	3.10.95.29
tabtest.data.england.nhs.uk	2025-04-26	52.151.125.1
content.qilearning.england.nhs.uk	2024-11-02	3.163.24.103
innovation.england.nhs.uk	2024-07-02	52.169.184.163
www.performer.england.nhs.uk	2025-05-16	45.60.31.150
lms.england.nhs.uk	2024-08-01	54.195.26.172
www.qst.england.nhs.uk	2025-04-17	20.76.227.243
www.england.nhs.uk	2019-10-11	13.32.255.217

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]