Domain > myexternalip.com

MD5	A/V
ea2d03fe41db2ff3e5b29c1a08c84217	[TR/Crypt.ZPACK.125365] [TrojanRansom.Crowti.A4] [Win32/Kryptik.CWZM] [W32/Kryptik.CXBS!tr] [Crypt3.BXSF] [Trojan.Win32.Crypt] [RansomWin32/Crowti.ATrojan*Win32/Fleercivet.D] [Mal/Wonton-AN] [Trojan.Asprox.B]
1de86948dd9570631ecdefe9b5996847	[TR/Crypt.Xpack.138415] [Win32/Tnega.cKUZYdD] [Win32/Kryptik.DAVX] [W32/Kryptik.CWSU!tr] [Crypt3.BWMP] [Trojan.Win32.Crypt] [Ransom-FWE!1DE86948DD95] [RansomWin32/CrowtiTrojan*Win32/Fleercivet.D] [Mal/Wonton-Z] [Trojan.Asprox.B]
829cd977ecb35878443c0cbb2dd2af35	[TR/Crypt.Xpack.139927] [Win32/Tnega.UDAVCWB] [TrojanRansom.Crowti.A4] [Win32/Kryptik.CWTY] [W32/Kryptik.CXBS!tr] [Win32/Cryptor] [Trojan.Win32.Crypt] [Ransom-FWF!829CD977ECB3] [RansomWin32/Crowti.ATrojan*Win32/Fleercivet.D] [Mal/Wonton-AN] [Trojan.Asprox.B]
5e79c6c2ce384ce40b680586d0c98a32	[TR/Crypt.Xpack.139709] [Win32/Tnega.IBAaLb] [Trojan.Betabot.3] [Win32/Kryptik.CWSU] [W32/Kryptik.CWSU!tr] [Win32/Cryptor] [Trojan.Win32.Crypt] [Ransom-FWG!5E79C6C2CE38] [RansomWin32/CrowtiTrojan*Win32/Fleercivet.D] [Mal/Wonton-AN] [Trojan.Asprox.B]
d38c175edab5b364fe19699932a79331	[TR/Crypt.Xpack.90303] [Win32/Tnega.JbVcXI] [Win32/Kryptik.CZAI] [W32/Kryptik.CXRU!tr] [Crypt3.BZQV] [Trojan.Win32.Crypt] [Ransom*Win32/Crowti] [Mal/Wonton-AN]
1013486c1a4c4b60de39fe804c1c6bba	[TR/Crypt.Xpack.139709] [Win32/Tnega.IBAaLb] [Win32/Kryptik.CWSU] [W32/Kryptik.CWSU!tr] [Win32/Cryptor] [Trojan.Win32.Crypt] [Ransom-FWG!1013486C1A4C] [RansomWin32/CrowtiTrojan*Win32/Fleercivet.D] [Mal/Wonton-AN] [Trojan.Asprox.B]
9f683591b7b156f44c902776a0d75f03	[TR/Crypt.Xpack.139709] [Win32/Tnega.IBAaLb] [Win32/Kryptik.CWSU] [W32/Kryptik.CWSU!tr] [Win32/Cryptor] [Trojan.Win32.Crypt] [Ransom-FWG!9F683591B7B1] [RansomWin32/CrowtiTrojan*Win32/Fleercivet.D] [Mal/Wonton-AN] [Trojan.Asprox.B]
316dbc992b37e19fb6741f286b96c5d4
b57261e61e1593d2db3e4ee8d5a67a22	[TR/Crypt.Xpack.139927] [Win32/Tnega.UDAVCWB] [TrojanRansom.Crowti.A4] [Win32/Kryptik.CWTY] [W32/Kryptik.CXBS!tr] [Win32/Cryptor] [Trojan.Win32.Crypt] [Ransom-FWF!B57261E61E15] [RansomWin32/Crowti.ATrojan*Win32/Fleercivet.D] [Mal/Wonton-AN] [Trojan.Asprox.B]
fc7ce2f21e8366b9c671241a3cf5195c	[TR/Crypt.Xpack.138415] [Win32/Tnega.cKUZYdD] [Win32/Kryptik.DAVX] [W32/Kryptik.CWSU!tr] [Crypt3.BWMP] [Trojan.Win32.Crypt] [Ransom-FWE!FC7CE2F21E83] [RansomWin32/CrowtiTrojan*Win32/Fleercivet.D] [Mal/Wonton-Z] [Trojan.Asprox.B]
fdbe707910870ba2467596164e8e5222
a27a377c673b0d9cf709cc413924037c	[TR/Crypt.ZPACK.125052] [TrojanRansom.Crowti.A4] [Trojan.Encoder.514] [Win32/Kryptik.CWWK] [W32/Kryptik.CXFI!tr] [Crypt3.BXBZ] [Trojan.Crypt] [RansomWin32/Crowti.ATrojan*Win32/Fleercivet.D] [Infostealer.Limitail]
e6b37becbc6fae7e58db75e9b2a66934	[TR/Crypt.Xpack.75480] [W32/Kryptik.CXRU!tr] [Crypt3.BZQV] [Trojan.Win32.Crypt] [Trojan-Ransom.Win32.Foreign.lmkk] [Ransom*Win32/Crowti.A] [Mal/Wonton-AN]
8a50a392b230b67e6e5e0f7002bdbff0	[TR/Crypt.Xpack.138415] [Win32/Tnega.cKUZYdD] [Trojan.DownLoad3.35619] [Win32/Kryptik.DAVX] [W32/Kryptik.CWSU!tr] [Crypt3.BWMP] [Trojan.Win32.Crypt] [Ransom-FWE!8A50A392B230] [RansomWin32/CrowtiTrojan*Win32/Fleercivet.D] [Mal/Wonton-Z] [Trojan.Asprox.B]
bed8dbc8379dd8294e74582a82544676	[TR/Crypt.Xpack.139709] [Win32/Tnega.IBAaLb] [Win32/Kryptik.CWSU] [W32/Kryptik.CWSU!tr] [Win32/Cryptor] [Trojan.Win32.Crypt] [Ransom-FWG!BED8DBC8379D] [RansomWin32/CrowtiTrojan*Win32/Fleercivet.D] [Mal/Wonton-AN] [Trojan.Asprox.B]
ca51840439d19e70001c4e8038b7c102	[TR/Crypt.Xpack.139709] [Win32/Tnega.IBAaLb] [Win32/Kryptik.CWSU] [W32/Kryptik.CWSU!tr] [Win32/Cryptor] [Trojan.Win32.Crypt] [Ransom-FWG!CA51840439D1] [RansomWin32/CrowtiTrojan*Win32/Fleercivet.D] [Mal/Wonton-AN] [Trojan.Asprox.B]
8ea6b7d90d3a25f743af9f70f1387689	[Trojan.MSIL.Kryptik.bjh] [Tool.MailPassView.236] [Mal/Limitles-A] [Artemis!8EA6B7D90D3A] [MSIL6.EMJ]
f6ce84c87e4b438380a58d64291cd085	[TR/Crypt.ZPACK.125365] [TrojanRansom.Crowti.A4] [Trojan.Packed.18626] [Win32/Kryptik.CWZM] [W32/Kryptik.CXBS!tr] [Crypt3.BXSF] [Trojan.Win32.Crypt] [RansomWin32/Crowti.ATrojan*Win32/Fleercivet.D] [Mal/Wonton-AN] [Trojan.Asprox.B]
ed526538cfac7e20609543542bc87c50	[TR/Crypt.Xpack.140093] [Win32/Tnega.dHROTLB] [Win32/Kryptik.CWSU] [W32/Kryptik.CWSU!tr] [Win32/Cryptor] [Trojan.Win32.Crypt] [Ransom-FWG!ED526538CFAC] [RansomWin32/Crowti.ATrojan*Win32/Fleercivet.D] [Mal/Wonton-AN] [Trojan.Asprox.B]
a746353639462342a94f006041e0dfcf	[TR/Crypt.ZPACK.71793] [W32/Kryptik.CXRB!tr] [Crypt3.BZOM] [Trojan.Win32.Crypt] [Trojan-Ransom.Win32.Foreign.lmjn] [Ransom-FWP!A74635363946] [Trojan*Win32/Fleercivet] [Mal/Wonton-AN]

Whois

Property	Value
Email	info@2hoch5.com
NameServer	ROBOTNS2.SECOND-NS.DE
Created	2010-08-02 00:00:00
Changed	2014-08-03 00:00:00
Expires	2015-08-02 00:00:00
Registrar	HETZNER ONLINE AG

DNS Resolutions

Date	IP Address
2015-02-26	81.169.172.124 (ClassC)
2018-12-27	78.47.139.102 (ClassC)
2020-09-11	216.239.32.21 (ClassC)
2020-11-30	216.239.36.21 (ClassC)
2020-12-20	216.239.34.21 (ClassC)
2021-02-17	216.239.38.21 (ClassC)
2021-03-26	34.117.59.81 (ClassC)
2024-07-11	34.117.118.44 (ClassC)
2025-11-17	34.160.111.145 (ClassC)

Port 80

HTTP/1.1 200 OKDate: Tue, 14 May 2019 20:36:56 GMTContent-Type: text/html; charsetutf-8Content-Length: 47664Vary: Accept-EncodingAccess-Control-Allow-Origin: *X-Frame-Options: DENYVia: 1.1 google

!DOCTYPE html>html langen>head>    meta http-equivContent-Type contenttext/html; charsetUTF-8>    title>My External IP address -  52.40.234.105 /title>    meta nameviewport contentwidthdevice-width, initial-scale1>    link href/styles/style.css relstylesheet typetext/css>/head>body onloadprettyPrint()>    div idwrapper>        div idheader>            ul idnavi>                li classfirst>a href/ titlehome>home/a>/li>                li>a href#about titlewhat is myexternalip all about?>about/a>/li>                li>a href#news titlenews / new features>news/a>/li>                li>a href#howto titlehow to use myexternalip>howto/a>/li>                li>a href#raw titlethe raw ip relnofollow>raw/a>/li>            /ul>            h1>My External IP address is span classdots>.../span>/h1>        /div>        div idcontent>            hr>            textarea idip data-ip96.245.80.112 cols81 rows1 autofocus readonly onclickthis.setSelectionRange(0, 9999);>52.40.234.105/textarea>            div idport data-port41480>Port: 41480/div>            hr>            h2 idabout>What is em>My External IP/em> all about?/h2>            p> Every device connected to a network which uses the a hrefhttps://myexternalip.com/>Internet                    Protocol/a>                has an unique a hrefhttp://en.wikipedia.org/wiki/IP_address>IP address/a> assigned to it. The                global                pool of such interconnected networks is known a hrefhttp://en.wikipedia.org/wiki/Internet>the                    internet/a>. /p>            p> Sometimes, when looking at it from the outside of the network, the IP address of a device seems to be                different from the one assigned in the original (sub)network. This is due some mechanisms such as a                    hrefhttps://myexternalip.com/>NAT/a>. /p>            p>em>My External IP/em> displays the IP address of the device as it seems from em>the outside/em>                (hence                em>external/em>). /p>            hr>            h2 idnews>News / New Fe

Port 443

HTTP/1.1 200 OKDate: Tue, 14 May 2019 20:36:56 GMTContent-Type: text/html; charsetutf-8Content-Length: 47664Vary: Accept-EncodingAccess-Control-Allow-Origin: *X-Frame-Options: DENYVia: 1.1 google

Subdomains

Date	Domain	IP
4.myexternalip.com	2024-07-05	34.117.118.44
v4.myexternalip.com	2024-06-26	34.117.118.44
ipv4.myexternalip.com	2024-06-26	34.117.118.44
6.myexternalip.com	2024-07-13	34.117.118.44
ipv6.myexternalip.com	2024-09-14	34.160.111.145
api.myexternalip.com	2025-01-22	34.160.111.145
w.myexternalip.com	2024-12-28	34.160.111.145
ww.myexternalip.com	2024-12-28	34.160.111.145
www.myexternalip.com	2015-05-17	81.169.172.124

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

Domain > myexternalip.com

Is this malicious?

Reports

Files that talk to myexternalip.com

Whois

DNS Resolutions

Port 80

Port 443

Subdomains