Domain > php.net

More information on this domain is in AlienVault OTX

Is this malicious?

Most users have voted this as not malicious

Files that talk to php.net

MD5	A/V
1a11a7251151676ba0286b1665e1d5f6	[TrojanDownloader.Delf.algw] [Virus] [Trojan.Win32.Delf.buvyr] [WORM_PROLACO.SMX] [Virus.Win32.Cabres.a] [Heur.Suspicious] [Win32.HLLW.Autoruner.38004] [Heuristic.BehavesLike.Win32.Suspicious-BAY.G] [W32/AutoRun-BLW] [TrojanDownloader.Delf.cbj] [VIRUS_UNKNOWN] [Trojan:Win32/Hiloti] [TrojanDownloader.Delf] [W32/Buzus.AHR!tr]
1929530a1f2d6d48a87aac928220e460	[HW32.CDB.4199] [Backdoor.Hlux.r3] [Trojan.Win32.Hlux.cwwgjj] [Kryptik.CCFN] [Backdoor.Win32.Hlux.crc] [Backdoor.Hlux!GJ0f5FTmyog] [UnclassifiedMalware] [BackDoor.Slym.14056] [Heuristic.LooksLike.Win32.Suspicious.E] [Mal/Kelihos-A] [Trojan[Backdoor]/Win32.Hlux] [Trojan:Win32/Sisron] [Trojan/Win32.Tepfer] [Heur.Trojan.Hlux] [Win32.SuspectCrc] [W32/Hlux.BWUN!tr.bdr] [Crypt_s.GJB] [Trojan.Win32.Kryptik.BZWV] [Win32/Trojan.e55]
a18d65d2f262fb7e2b57f83e3e56d101	[Trojan.Renos.LN] [Trojan.Jorik-253] [Trojan.DownLoader2.50718] [Win32/Kryptik.AJNC] [W32/PackZbot.D!tr] [PackedW32/TDSS.HZ] [Trojan-Downloader.Win32.Renos] [Trojan.Downloader] [Downloader-CEW.au] [TrojanDownloaderWin32/Renos.PT] [Mal/FakeAV-BT] [TROJ_RENOS.SMIE] [Trojan.Jorik.Skor]
427481f8e79f0ee33385c9da2fe00111	[HW32.CDB.16f0] [Backdoor.Hlux!hl4OBD+jyQw] [Kryptik.CCFN] [Backdoor.Win32.Hlux.djqf] [Trojan.Win32.Hlux.cxbctj] [TrojWare.Win32.Kryptik.BZOO] [Mal/Kelihos-A] [Trojan[Backdoor]/Win32.Hlux] [Backdoor:Win32/Kelihos] [Trojan/Win32.Tepfer] [Heur.Trojan.Hlux] [Trojan.Crypt_s] [W32/Hlux.BWUN!tr.bdr] [Crypt_s.GHE] [Trojan.Win32.Kryptik.BZIX]
8451fa18af7c598d9081aabcb6b0c789	[Trojan.Renos.PG] [Trojan.Downloader-109547] [Trojan.DownLoader.64420] [Win32/TrojanDownloader.FakeAlert.BGV] [W32/CodecPack.ATMJ!tr] [Trojan-Downloader.Win32.CodecPack] [Trojan-Downloader.Win32.CodecPack.aswc] [Trojan.Downloader] [Downloader-CEW.ba] [TrojanDownloader*Win32/Renos.PG] [Mal/FakeAV-NJ] [Downloader] [TROJ_FAKEAV.SM89] [Heur.Trojan.Hlux]
a52b1b3be044b7ff6f391627ed4f154d	[Trojan.Renos.PG] [Win.Trojan.Fakeav-1325] [Trojan.DownLoader2.52703] [Win32/Kryptik.NRN] [W32/CodecPack.ATMJ!tr] [FakeAV.OJV] [Trojan.Fakeav] [Hoax.Win32.FlashApp.a] [Trojan.Downloader] [Downloader-CEW.ba] [TrojanDownloader*Win32/Renos.PG] [Mal/FakeAV-NJ] [TROJ_FAKEAV.SM90] [Heur.Trojan.Hlux]
379bceea81b377d34293ab1fe125b159	[Trojan.VBS.Downloader.SL] [Trojan.VBS.Downloader.SL] [Trojan.VBS.Downloader.SL] [Trojan.VBS.Downloader.SL] [Trojan.VBS.Downloader.SL] [Trojan.VBS.Downloader.SL] [Trojan.VBS.Downloader.SL] [Trojan.VBS.Downloader.SL]
36d145967f21ad7e05b5d3798934c670
8fcd8eb73fb665785082570cfb5e4943
319ccbdd5e14b7013028d2a5d7f96925
db15324dd87f796f804795dd424cfa43
df3b9c259eff84b528f4edaac1b103a1
7fe4fba5b8748bbec1e80e01a0afcc0b
d121fe07c751883cb1b5d0b646c44061
6bfc48996bb2756d4808cae3d9010a81
a6fac023dd5cc928f1472166921dfd59
8b0e7db17842ba98d271b217dcd8909e	[Worm/W32.NetSky.18432.B] [W32.NetSky.F] [W32/Netsky.f@MM] [W32/Netsky.F@MM] [Trojan.Win32.NetSky.ftje] [W32/Netsky.F@mm] [W32.Netsky.F@mm] [Win32/Netsky.F] [WORM_NETSKY.AT] [Worm.SomeFool.F] [Email-Worm.Win32.NetSky.f] [I-Worm.Netsky.F] [I-Worm.Win32.NetSky.18432[h]] [W32.W.NetSky.f!c] [Virus.Win32.Heur.e] [W32/Netsky-F] [Worm.Win32.Netsky.F] [Win32.HLLM.Netsky.18609] [Worm.NetSky.Win32.34] [WORM_NETSKY.AT] [BehavesLike.Win32.StartPage.lc] [W32/Netsky.TBVD-8371] [I-Worm/NetSky.f] [WORM/Netsky.F] [Worm:Win32/Netsky.F@mm] [Win32/Netsky.worm.18432] [Win32/Netsky.F] [Worm.NetSky] [I-Worm.Netsky.F] [Win32.Worm-email.Netsky.Dztu] [Email-Worm.Win32.NetSky.F] [W32/NetSky.F!dam] [I-Worm/Netsky.F] [Worm.Win32.Netsky.F] [Win32/Trojan.e31]
74b14a59c452399739fa70902c132d01	[W32.eHeur.Malware11] [HEUR:Packed.Win32.Black.f]
11dc4eb61d833a576c1eafdbbfd3edd0
4b38af0d70f80a1c4da811bbda23834b	[VIPRE.Suspicious] [Trojan-Spy.Win32.Banker.anv]

Whois

Property	Value
NameServer	DNS2.EASYDNS.NET
Created	1997-11-18 00:00:00
Changed	2014-11-14 00:00:00
Expires	2023-11-17 00:00:00
Registrar	TUCOWS DOMAINS INC.

DNS Resolutions

Date	IP Address
2010-12-14	69.147.83.197 (ClassC)
2013-02-09	49.212.134.217 (ClassC)
2013-02-09	61.195.146.164 (ClassC)
2013-04-01	185.5.82.1 (ClassC)
2013-10-24	87.117.229.81 (ClassC)
2013-10-24	69.147.83.199 (ClassC)
2013-10-24	69.147.83.199 (ClassC)
2013-10-24	192.41.45.249 (ClassC)
2013-10-24	82.100.240.32 (ClassC)
2013-10-24	64.71.164.5 (ClassC)
2013-10-26	72.52.91.12 (ClassC)
2013-10-27	72.52.91.14 (ClassC)
2014-05-29	72.52.91.14 (ClassC)
2014-07-02	108.163.197.98 (ClassC)
2014-08-18	208.69.120.58 (ClassC)
2014-08-18	216.194.115.245 (ClassC)
2014-10-29	69.195.222.219 (ClassC)
2014-10-30	195.8.208.241 (ClassC)
2014-11-05	76.75.200.106 (ClassC)
2014-11-07	5.77.39.20 (ClassC)
2018-12-19	208.43.231.9 (ClassC)
2022-01-16	45.112.84.5 (ClassC)
2024-05-26	2a02:cb40:200::1ad (ClassC)
2025-06-18	185.85.0.29 (ClassC)

HTTP/1.1 200 OKServer: myracloudDate: Thu, 04 Jul 2019 22:52:49 GMTContent-Type: text/html; charsetutf-8Transfer-Encoding: chunkedConnection: keep-aliveLast-Modified: Thu, 04 Jul 2019 22:10:09 GMTCont

!DOCTYPE html>html xmlnshttp://www.w3.org/1999/xhtml langen>head>  meta charsetutf-8>  meta nameviewport contentwidthdevice-width, initial-scale1.0>  title>PHP: Hypertext Preprocessor/title> link relshortcut icon hrefhttps://www.php.net/favicon.ico> link relsearch typeapplication/opensearchdescription+xml hrefhttp://php.net/phpnetimprovedsearch.src titleAdd PHP.net search> link relalternate typeapplication/atom+xml hrefhttps://www.php.net/releases/feed.php titlePHP Release feed> link relalternate typeapplication/atom+xml hrefhttps://www.php.net/feed.atom titlePHP: Hypertext Preprocessor> link relcanonical hrefhttps://www.php.net/index.php> link relshorturl hrefhttps://www.php.net/index> link relalternate hrefhttps://www.php.net/index hreflangx-default>link relstylesheet typetext/css href/cached.php?t1539771603&f/fonts/Fira/fira.css mediascreen>link relstylesheet typetext/css href/cached.php?t1539765004&f/fonts/Font-Awesome/css/fontello.css mediascreen>link relstylesheet typetext/css href/cached.php?t1540425603&f/styles/theme-base.css mediascreen>link relstylesheet typetext/css href/cached.php?t1540425603&f/styles/theme-medium.css mediascreen>link relstylesheet typetext/css href/cached.php?t1429259403&f/styles/home.css mediascreen> !--if lte IE 7> link relstylesheet typetext/css hrefhttps://www.php.net/styles/workarounds.ie7.css mediascreen> !endif--> !--if lte IE 8> script>  window.brokenIE  true; /script> !endif--> !--if lte IE 9> link relstylesheet typetext/css hrefhttps://www.php.net/styles/workarounds.ie9.css mediascreen> !endif--> !--if IE> script srchttps://www.php.net/js/ext/html5.js>/script> !endif--> base hrefhttps://www.php.net/index.php>/head>body classhome >nav idhead-nav classnavbar navbar-fixed-top>  div classnavbar-inner clearfix>    a href/ classbrand>img src/images/logos/php-logo.svg width48 height24 altphp>/a>    div idmainmenu-toggle-overlay>/div>    input typecheckbox idmainmenu-toggle>    ul classnav>      li class>a href/downloads>Downloads/a>/li>      li class>a href/doc

Subdomains

Date	Domain	IP
ba1.php.net	2025-06-18	185.85.0.29
cn2.php.net	2025-06-19	185.85.0.29
static.php.net	2025-06-18	185.85.0.29
shared.php.net	2025-06-18	185.85.0.29
de.php.net	2014-07-12	212.124.37.9
secure.php.net	2015-06-24	72.52.91.14
wiki.php.net	2025-03-17	45.55.181.207
pecl.php.net	2025-06-06	104.236.228.160
cn.php.net	2025-06-18	185.85.0.29
pear.php.net	2025-06-19	109.203.101.62
analytics.php.net	2025-06-18	167.71.2.31
downloads.php.net	2025-04-16	104.236.32.144
bugs.php.net	2024-08-01	206.189.200.141
windows.php.net	2025-06-18	83.137.149.15
lv.php.net	2025-06-18	185.85.0.29
www.php.net	2014-12-08	72.52.91.14

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]