Help
RSS
API
Feed
Maltego
Contact
Domain > mega.ru
×
Welcome!
Right click nodes and scroll the mouse to navigate the graph.
×
More information on this domain is in
AlienVault OTX
Is this malicious?
Yes
No
Files that talk to mega.ru
MD5
A/V
14a2291e48bd02b528d0c018fee03e86
[
HW32.CDB.A3eb
] [
Packed.Win32.Katusha.3!O
] [
WS.Reputation.1
] [
Kryptik.CDQY
] [
TrojWare.Win32.Kryptik.CBCJ
] [
Trojan.Packed.26581
] [
Win32.Troj.Undef.(kcloud)
] [
Backdoor:Win32/Kelihos.F
] [
Trojan/Win32.Tepfer
] [
W32/Trojan.XULT-7356
] [
Heur.Trojan.Hlux
] [
Trojan.Crypt_s
] [
W32/Kryptik.CBCJ!tr
] [
Crypt_s.GNC
]
DNS Resolutions
Date
IP Address
2013-07-23
212.5.70.78
(
ClassC
)
2025-01-18
185.157.124.239
(
ClassC
)
Port 80
HTTP/1.1 301 Moved PermanentlyServer: nginx/1.22.0Date: Sat, 26 Aug 2023 23:16:17 GMTContent-Type: text/htmlContent-Length: 169Connection: keep-aliveLocation: https://mega.ru/ html>head>title>301 Moved Permanently/title>/head>body>center>h1>301 Moved Permanently/h1>/center>hr>center>nginx/1.22.0/center>/body>/html>
Port 443
HTTP/1.1 200 OKServer: nginx/1.22.0Date: Sat, 26 Aug 2023 23:16:18 GMTContent-Type: text/htmlContent-Length: 788Connection: keep-aliveExpires: Thu, 01 Jan 1970 00:00:01 GMTCache-Control: no-cacheStric html>body>setting cookie...script typetext/javascript src/aes.min.js >/script>script>function toNumbers(d){var e;d.replace(/(..)/g,function(d){e.push(parseInt(d,16))});return e}function toHex(){for(var d,d1arguments.length&&arguments0.constructorArray?arguments0:arguments,e,f0;fd.length;f++)e+(16>df?0:)+df.toString(16);return e.toLowerCase()}let date new Date(Date.now() + 86400e3); date date.toUTCString(); var a toNumbers(3f88005b49650898b6a13ea9d8b2eee4), b toNumbers(923bab7348a8f758a47933d8530a0533), c toNumbers(6ebadb73536b15227c9ec004e327f534); document.cookie bx_andd_41232 + toHex(slowAES.decrypt(c, 2, a, b)) + ; expires + date + ; path/;document.location.hrefhttp://mega.ru/?att1;/script>/body>/html>
Subdomains
Date
Domain
IP
mx1.mega.ru
2014-06-18
212.5.70.75
View on OTX
|
View on ThreatMiner
Please enable JavaScript to view the
comments powered by Disqus.
Data with thanks to
AlienVault OTX
,
VirusTotal
,
Malwr
and
others
. [
Sitemap
]