Help RSS API Feed Maltego Contact                        

Domain > users.sf.net

More information on this domain is in AlienVault OTX

Is this malicious?

Files that talk to users.sf.net
MD5A/V
3018e99857f31a59e0777396ae634a8f[W32.SkyNetP.Worm] [Worm/W32.NetSky.29568] [W32.NetSky.P] [Worm.NetSky.q] [Worm.Netsky] [Worm.NetSky.Win32.3] [Worm.Netsky-P] [Trojan.Win32.NetSky.idzx] [W32/Netsky.P@mm] [W32.Netsky.P@mm] [Netsky.P] [Win32/Netsky.P] [WORM_NETSKY.P] [Worm.NetSky-14] [Email-Worm.Win32.NetSky.q] [I-Worm.NetSky!4NWvXC1SwiU] [I-Worm.Win32.Netsky.29568.K] [Worm.Win32.Netsky.aa] [Worm.Win32.Netsky.Q] [Win32.HLLM.Netsky.18401] [BehavesLike.Win32.Netsky.mc] [W32/Netsky-P] [Worm/Netsky.AP] [Worm[Email]/Win32.NetSky] [Worm.NetSky.r.(kcloud)] [Worm:Win32/Netsky.P@mm] [Win-Trojan/Fsg.29568] [W32/Netsky.p@MM] [I-Worm.Netsky.Q] [Win32/Netsky.Q] [Virus.Win32.Netsky] [I-Worm/Netsky] [Worm.Win32.NetSky.q] [Win32/Worm.d2e] [EmailWorm] [Heuristic.BehavesLike.Win32.Suspicious-PKR.G] [Worm/Win32.NetSky]
8b0e7db17842ba98d271b217dcd8909e[Worm/W32.NetSky.18432.B] [W32.NetSky.F] [W32/Netsky.f@MM] [W32/Netsky.F@MM] [Trojan.Win32.NetSky.ftje] [W32/Netsky.F@mm] [W32.Netsky.F@mm] [Win32/Netsky.F] [WORM_NETSKY.AT] [Worm.SomeFool.F] [Email-Worm.Win32.NetSky.f] [I-Worm.Netsky.F] [I-Worm.Win32.NetSky.18432[h]] [W32.W.NetSky.f!c] [Virus.Win32.Heur.e] [W32/Netsky-F] [Worm.Win32.Netsky.F] [Win32.HLLM.Netsky.18609] [Worm.NetSky.Win32.34] [WORM_NETSKY.AT] [BehavesLike.Win32.StartPage.lc] [W32/Netsky.TBVD-8371] [I-Worm/NetSky.f] [WORM/Netsky.F] [Worm:Win32/Netsky.F@mm] [Win32/Netsky.worm.18432] [Win32/Netsky.F] [Worm.NetSky] [I-Worm.Netsky.F] [Win32.Worm-email.Netsky.Dztu] [Email-Worm.Win32.NetSky.F] [W32/NetSky.F!dam] [I-Worm/Netsky.F] [Worm.Win32.Netsky.F] [Win32/Trojan.e31]

Whois
PropertyValue
NameServer NS2.DNSMADEEASY.COM
Created 1994-12-22 00:00:00
Changed 2016-04-26 00:00:00
Expires 2016-12-21 00:00:00
Registrar TUCOWS DOMAINS INC.

DNS Resolutions
DateIP Address
2013-04-01216.34.181.96 (ClassC)
2019-12-13216.105.38.10 (ClassC)
2021-06-23204.68.111.100 (ClassC)
2023-01-21104.18.27.198 (ClassC)
2023-01-21104.18.26.198 (ClassC)
2024-08-28172.64.153.102 (ClassC)
2024-10-14104.18.34.154 (ClassC)
2025-07-14104.18.21.237 (ClassC)
2025-07-31104.18.20.237 (ClassC)

Port 443

Subdomains
DateDomainIP
test123.sf.net2025-07-10104.18.21.237
test456.sf.net2025-06-28104.18.21.237
test576.sf.net2025-06-13104.18.20.237
test57.sf.net2025-05-11104.18.21.237
code.sf.net2025-07-21216.34.181.154
hg.code.sf.net2025-07-22216.105.38.18
svn.code.sf.net2025-06-04216.105.38.41
git.code.sf.net2025-07-22216.105.38.16
excellmedia.dl.sf.net2025-07-22202.153.32.19
sitsa.dl.sf.net2025-07-08190.105.216.43
unlimited.dl.sf.net2025-07-05185.119.90.247
onboardcloud.dl.sf.net2025-07-18202.79.180.253
netcologne.dl.sf.net2025-07-1178.35.24.122
cyfuture.dl.sf.net2025-07-2249.50.119.27
cytranet-dal.dl.sf.net2025-06-05162.226.127.129
liquidtelecom.dl.sf.net2025-06-16197.155.77.8
newcontinuum.dl.sf.net2025-04-0264.79.96.4
razaoinfo.dl.sf.net2025-06-15177.67.224.12
icolo.dl.sf.net2025-07-22160.119.217.198
phoenixnap.dl.sf.net2025-07-26184.164.141.26
sinalbr.dl.sf.net2025-06-15177.21.35.138
yer.dl.sf.net2025-07-2894.20.154.18
zenlayer.dl.sf.net2025-07-2298.98.48.225
deac-ams.dl.sf.net2025-07-01185.34.27.55
cytranet.dl.sf.net2025-06-15162.251.237.20
gox.dl.sf.net2025-04-02177.185.240.238
psychz.dl.sf.net2025-05-15208.87.241.191
users.sf.net2023-01-21104.18.26.198
www.sf.net2024-10-14104.18.34.154
View on OTX | View on ThreatMiner








Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]



� Copyright 2019 AlienVault, Inc. | Legal| Status| Do Not Sell My Personal Information