Domain > wefindco.com

More information on this domain is in AlienVault OTX

MD5	A/V
2c17ca4c2e05ef0551d7618a243466f6	[BehavesLike.Win32.AdwareNaviPromo.fh]
a95ffcb339e7daa98a2f68b65eeb64f1	[BehavesLike.Win32.Dropper.dh]
4b3a65c38e75d95843a9c165961ad34c	[BehavesLike.Win32.Dropper.dh]
e2cf4230402ab26407a344697e67c243	[Win32.Trojan.Bp-dropperv.Bzmy] [BehavesLike.Win32.Dropper.dh]
201203d5caa58c3378a75a11c0f45b3e
4c3a6b40a7dbdc977f68c149278561c0	[Troj.Downloader.Script!c] [VBS/Psyme] [JS/TrojanDownloader.Nemucod.DQ] [JS_CRYPLOD.YYSJR] [VBS.Downloader.877[h]] [JS_CRYPLOD.YYSJR] [Win32.Trojan.Raas.Auto]
ca05942d7d363c62caba7fe0c66e7770
1680835ab6998271127b9d172cf1c691	[Suspicious.Cloud.2] [Trojan/Win32.Teslacrypt]
49b620989c6b52ead93430b7685812da	[BehavesLike.JS.Downloader.xv]
f6a8270cb3b95ffaa8247f5a39181729	[Trojan/Win32.Teslacrypt]
2b8238af766a56adbd80791bc1db61c5
54ab4e1834a1d6b27b8262c05c13a926
daa226bf52632cd0346dc33af9de0d0b
6e582dcada3d533f1ef01e4d79bf5e04
3ea78b0ba30e7adee892bf1360494007
0d648fd1aa0e41715a5684d3cf5ebcd3
c1b9f230e529e85cd7ba0c86e6ec0be6	[Trojan/Win32.Teslacrypt]
1c7c453846fe873d430decc502fff97f
1c1187c0dbf9cdf8d113aa3bd42d7b3b
f94764141525ee06dd2a50cc76427eb4

Whois

Property	Value
NameServer	NS62.DOMAINCONTROL.COM
Created	2015-06-09 00:00:00
Changed	2015-06-09 00:00:00
Expires	2016-06-09 00:00:00
Registrar	GODADDY.COM, LLC

DNS Resolutions

Date	IP Address
2015-06-11	206.190.152.224 (ClassC)
2016-03-23	107.182.238.196 (ClassC)
2019-01-28	204.11.56.48 (ClassC)
2019-06-08	204.11.56.46 (ClassC)
2019-09-07	208.91.197.46 (ClassC)
2024-12-23	104.155.138.21 (ClassC)
2025-01-24	107.178.223.183 (ClassC)
2025-05-31	34.136.111.81 (ClassC)
2025-06-14	34.132.102.6 (ClassC)
2025-08-25	34.41.139.193 (ClassC)
2025-10-01	75.2.18.233 (ClassC)
2025-12-03	52.201.53.166 (ClassC)
2025-12-29	98.82.42.139 (ClassC)
2026-01-15	54.243.117.197 (ClassC)

HTTP/1.1 200 OKDate: Sat, 08 Jun 2019 02:21:30 GMTServer: ApacheSet-Cookie: vsid926vr3075060908337106; expiresThu, 06-Jun-2024 02:21:30 GMT; Max-Age157680000; path/; domainwefindco.com; HttpOnlyX-Adbl

!--	top.locationhttp://wefindco.com/?fpi2r4Akew0hBEYPQCgxubDDZmBVgXFwsiEPUQHdmLbYeCq8zFNO6cU4U7l93ku0zcK5zt%2Fy%2BDu2qyDWrWZ45uGcG%2FUiDUHHqrNMpPCxqoS1Bd5QGiPWZFksnV6WwkkRZs8H5iWeykOxWWRdEG1ft8RMZzSszG1urO%2FkYfWGWQg%2FI%3D&prvtofqVhKho1j%2Fs6dNZZelDD8Ioa7ZSrPTLPHTTWqyxxCSlQ%3D&poruOxG7FIRQG4IIaa73JU4CImPTrktN432vzwSMxJilxgzPkyJZwX3ehoUH%2BDwWfl2U&cifr1&;	/*-->html data-adblockkeyMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKX74ixpzVyXbJprcLfbH4psP4+L2entqri0lzh6pkAaXLPIcclv6DQBeJJjGFWrBIF6QMyFwXT5CCRyjS2penECAwEAAQ_kjRzAnGEZiSbRi1dYFwbv9De4g7xV4zUJMNEWScBjjOi/RFZ4+4OByW/N9iiGsAOXdxN5RNZU7YpL2b05wjDMg>head>				  meta http-equivContent-Type contenttext/html; charsetUTF-8>				  meta nameviewport contentwidthdevice-width>meta http-equivX-UA-Compatible contentIEEmulateIE7>script typetext/javascript>try{document.cookie  isframesetenabled1; path/;;}catch(exception){}/script>/head>frameset rows100%,* frameborderno border0 framespacing0>	frame srchttp://wefindco.com/?fpi2r4Akew0hBEYPQCgxubDDZmBVgXFwsiEPUQHdmLbYeCq8zFNO6cU4U7l93ku0zcK5zt%2Fy%2BDu2qyDWrWZ45uGcG%2FUiDUHHqrNMpPCxqoS1Bd5QGiPWZFksnV6WwkkRZs8H5iWeykOxWWRdEG1ft8RMZzSszG1urO%2FkYfWGWQg%2FI%3D&prvtofH1XraywXAc%2BqEZdb8CzbG7UavhkjJK8h%2FZo6FHVCn1w%3D&poru%2FciOPYUWU7AdEE%2BAN0%2BDs28u7JpvpLzO%2BeBALsUHzwbG%2BzaDs2D6q9j42jtlhgU3&>/frameset>noframes>	body bgcolor#ffffff text#000000>	a hrefhttp://wefindco.com/?fpi2r4Akew0hBEYPQCgxubDDZmBVgXFwsiEPUQHdmLbYeCq8zFNO6cU4U7l93ku0zcK5zt%2Fy%2BDu2qyDWrWZ45uGcG%2FUiDUHHqrNMpPCxqoS1Bd5QGiPWZFksnV6WwkkRZs8H5iWeykOxWWRdEG1ft8RMZzSszG1urO%2FkYfWGWQg%2FI%3D&prvtofQ3fo0%2FdDYZzYAPyCJa5JzCN9Cv%2BcRk68N8nK7M5iQec%3D&poruaHkkG8%2FKz0k9bEltzRTVb6FQLlNwr17t%2F15m4LSICU8BzLbMM%2F%2B3cLKRwzvSGd91&>Click here to proceed/a>.	/body>/noframes>/html>!--*/-->

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

Domain > wefindco.com

Is this malicious?

Reports

Files that talk to wefindco.com

Whois

DNS Resolutions

Port 80