Help
RSS
API
Feed
Maltego
Contact
Domain > ns.to
×
Welcome!
Right click nodes and scroll the mouse to navigate the graph.
×
More information on this domain is in
AlienVault OTX
Is this malicious?
Yes
No
Files that talk to ns.to
MD5
A/V
20837cfed9fcc3df5a3e414c18eff646
[
Packed.Win32.Katusha.3!O
] [
WS.Reputation.1
] [
Kryptik.CDQY
] [
TrojWare.Win32.Kryptik.CBCJ
] [
BackDoor.Slym.13873
] [
Win32.Troj.Undef.(kcloud)
] [
Backdoor:Win32/Kelihos.F
] [
Trojan/Win32.Tepfer
] [
Heur.Trojan.Hlux
] [
Trojan.Crypt_s
] [
Crypt_s.GNC
] [
Trojan.Win32.Kryptik.CBCJ
]
DNS Resolutions
Date
IP Address
2013-12-10
210.166.216.117
(
ClassC
)
2025-01-31
104.21.63.212
(
ClassC
)
Port 80
HTTP/1.1 302 FoundDate: Fri, 31 Jan 2025 21:33:12 GMTContent-Type: text/html; charsetUTF-8Transfer-Encoding: chunkedConnection: keep-aliveCache-Control: no-cache, privateLocation: https://domains.available.forsale/ns.toSet-Cookie: XSRF-TOKENeyJpdiI6InpFR1dlaHM2enJZdU1zcTVvV21BZGc9PSIsInZhbHVlIjoiVVpLTkErY1BmOGxMc1B6QlFGSEh4MzF1QUh2cTRKWW9tSG9JMlp5NXo4MFpGaVU0ZllwdFJSbGQyZ3czK2dCTCsxb1dlOE1vUE81K0N5ekl4akU1dThpV2ZzVlZvNUdEV2dNU25ETzRrMXRiSDF1Yjg4ZnBWc2lTRC9pTGRzczQiLCJtYWMiOiJjM2QzZmUyYzZiZDJlYmI4NmUwYzA3Y2JiNTZhMDkzYjk0NTk0YjQ2NWNhYmQxNjkxOWY5Y2UyNzBjMTI3MDc3IiwidGFnIjoiIn0%3D; expiresFri, 31-Jan-2025 23:33:12 GMT; Max-Age7200; path/; samesitelaxSet-Cookie: availableforsale_sessioneyJpdiI6ImFnQ3B6WFd5Z2Jrcks4TkIwNlBZaWc9PSIsInZhbHVlIjoiS3d6TVBqTWJkaCs1UTlvZDRkckRVVzgvb3FiQlFNRzlqb2U2cUZvbDVIQUg3UVh0dVZOdnlMc1JOWGVyZFlvSlhBdVM1d0JWUDlMcmduK2hBQ1Z6ZmY1Z3NTTko0UTZBSnBpM2V1aHZ6eS9KRklQMmFOQ09nWjdDUy9PUEVDdHAiLCJtYWMiOiJlNjJkYjY3Nzg0Yjg5NmRiYTFkYzFjNzhmN2Y5NGI0N2M5ZTBmODE1YzlhZjA2N2M3OTBlY2RhNTQ2NjA1ZTE0IiwidGFnIjoiIn0%3D; expiresFri, 31-Jan-2025 23:33:12 GMT; Max-Age7200; path/; httponly; samesitelaxX-Frame-Options: SAMEORIGINX-XSS-Protection: 1; modeblockX-Content-Type-Options: nosniffcf-cache-status: DYNAMICReport-To: {endpoints:{url:https:\/\/a.nel.cloudflare.com\/report\/v4?sOeOlkKq0vBqrKR2T1V0SMaPQA2gj9hOQia5KJ6kBI%2B9OpSYOX%2BjNuY8dyNEhXCMeuBGW3f3i7EyJDCxHRUM8oH7FtAVafYgnFE8lEkNATywbzpBffbKU5A%3D%3D},group:cf-nel,max_age:604800}NEL: {success_fraction:0,report_to:cf-nel,max_age:604800}Server: cloudflareCF-RAY: 90acd199cdba7202-SEAalt-svc: h3:443; ma86400server-timing: cfL4;desc?protoTCP&rtt10551&min_rtt10551&rtt_var5275&sent1&recv3&lost0&retrans0&sent_bytes0&recv_bytes44&delivery_rate0&cwnd246&unsent_bytes0&cid0000000000000000&ts0&x0 !DOCTYPE html>html> head> meta charsetUTF-8 /> meta http-equivrefresh content0;urlhttps://domains.available.forsale/ns.to /> title>Redirecting to https://domains.available.forsale/ns.to/title> /head> body> Redirecting to a hrefhttps://domains.available.forsale/ns.to>https://domains.available.forsale/ns.to/a>. /body>/html>
Port 443
HTTP/1.1 302 FoundDate: Fri, 31 Jan 2025 21:33:13 GMTContent-Type: text/html; charsetUTF-8Transfer-Encoding: chunkedConnection: keep-alivelocation: https://domains.available.forsale/ns.toCache-Control: no-cache, privateSet-Cookie: XSRF-TOKENeyJpdiI6InlYSklCNWc5eG9aRXBNL1VYdDd0c2c9PSIsInZhbHVlIjoiZjliN3ZGbkRoNnNEZWc4dTh2eG9zZE5tM1k1ZUFObmxzKzdma1R5N3dadytRU3V4UE0rUXUvdWxCK3JrWkVVQzlORVZXcU9aRWZGTFBtdkUzY3dady9Oa3M3MCtPcXpaWkJFaUx6d28yOFl5dmZyUjljcGVGZW53N1lBai9TMVMiLCJtYWMiOiI2MjdiOTRiOTcxZmUzMmE0N2Q1MDEzMmM3OTgzYWNlYWUwOGEwNmViNGY3NGFjN2QzNTE5NGI5NWViMWZkMTA3IiwidGFnIjoiIn0%3D; expiresFri, 31-Jan-2025 23:33:13 GMT; Max-Age7200; path/; samesitelaxSet-Cookie: availableforsale_sessioneyJpdiI6IjRsMXlEbTkzS0Q4a1pCRXV1NUI4dkE9PSIsInZhbHVlIjoiZmg2YVBWbjRBYlk0amVRL0puS1o5MWlIelhqeDNjZkRtNHVJcEN2WG1iK2RhcjMzSXBjZHpySVhHNjVDemQ4NU5ZWUJoNklSenU2T0tGeVNQWnNocFdBYUNPWEhJVWE1d2R1L3pqSW1LdmdTQ3N3bS9QR0d6Q3U1ZkdSeTlQZ1giLCJtYWMiOiIwY2E5NTQ4ZGVmZDE2ZTEzMTcyMTY2ZDllYjEzZTRlYTlhODM3YTU4NjE4MzNlYzczOGMwZjkxY2IwNzVmYzQ0IiwidGFnIjoiIn0%3D; expiresFri, 31-Jan-2025 23:33:13 GMT; Max-Age7200; path/; httponly; samesitelaxx-frame-options: SAMEORIGINx-xss-protection: 1; modeblockx-content-type-options: nosniffcf-cache-status: DYNAMICReport-To: {endpoints:{url:https:\/\/a.nel.cloudflare.com\/report\/v4?sWcaytnueAFXWxPg8Dw%2FK2KOU6HND51PwUUyLK8jZ4mrm%2Bkso8qBc%2F2AimhmYxPqOrsNVxP0rcM2mBgbpurEikJntqU5jLt8LktZQAmEuWo71%2BHJl8m%2BOJA%3D%3D},group:cf-nel,max_age:604800}NEL: {success_fraction:0,report_to:cf-nel,max_age:604800}Server: cloudflareCF-RAY: 90acd19b4b4f76a6-SEAalt-svc: h3:443; ma86400server-timing: cfL4;desc?protoTCP&rtt9466&min_rtt9156&rtt_var2785&sent5&recv6&lost0&retrans0&sent_bytes2829&recv_bytes716&delivery_rate316295&cwnd237&unsent_bytes0&cidb2971b62b0d4bf31&ts366&x0 !DOCTYPE html>html> head> meta charsetUTF-8 /> meta http-equivrefresh content0;urlhttps://domains.available.forsale/ns.to /> title>Redirecting to https://domains.available.forsale/ns.to/title> /head> body> Redirecting to a hrefhttps://domains.available.forsale/ns.to>https://domains.available.forsale/ns.to/a>. /body>/html>
View on OTX
|
View on ThreatMiner
Please enable JavaScript to view the
comments powered by Disqus.
Data with thanks to
AlienVault OTX
,
VirusTotal
,
Malwr
and
others
. [
Sitemap
]