Domain > rb.ru

More information on this domain is in AlienVault OTX

Files that talk to rb.ru

MD5	A/V
db5b440f6419090cd9567f3b33fd3ced	[Malware.Packer.HGX1] [BackDoor.SlymENT.1498] [Heuristic.LooksLike.Win32.Suspicious.E] [W32/Kryptik.AXUE!tr]
2c05ffe297116df3062faac792c44c91	[HW32.CDB.B4b9] [Packed.Win32.Katusha.3!O] [WS.Reputation.1] [Kryptik.CDQY] [UnclassifiedMalware] [BackDoor.Slym.13873] [Win32.Troj.Undef.(kcloud)] [Backdoor:Win32/Kelihos.F] [Trojan/Win32.Tepfer] [Heur.Trojan.Hlux] [Trojan.Crypt_s] [W32/Kryptik.BD!tr] [Crypt_s.GNC] [Win32/Trojan.0de]
dde053529fc90359815908c8ee1def65	[FakeSecTool-FCX!DDE053529FC9] [Malware.Packer.FFS] [Heuristic.LooksLike.Win32.Suspicious.E] [PE:Malware.XPACK/RDM!5.1]
45e45d9707887dc0cc0da495b7968acd	[FakeSecTool-FCX!45E45D970788] [Malware.Packer.FFS] [BackDoor.SlymENT.2075] [Heuristic.LooksLike.Win32.Suspicious.E] [PE:Malware.XPACK/RDM!5.1]
0d42b2efd88f95f4d5af60b548d7290a	[FraudTool.Security] [W32/Tepfer.MQ!tr] [Win32/Cryptor]
14b43203abd10b893244fc8ac8d5f531	[HW32.CDB.F55f] [Packed.Win32.Katusha.3!O] [WS.Reputation.1] [Kryptik.CDQY] [UnclassifiedMalware] [BackDoor.Slym.13873] [Win32.Troj.Undef.(kcloud)] [Backdoor:Win32/Kelihos.F] [Trojan/Win32.Tepfer] [Heur.Trojan.Hlux] [Trojan.Crypt_s] [W32/Kryptik.BD!tr] [Crypt_s.GNC] [Win32/Trojan.0de]
5ea646ffdc1e9bc7759fdfc926de7660	[PWS-FASY!5EA646FFDC1E] [Malware.Packer.EGX7] [Password-Stealer] [Trojan] [Hlux.XD] [Trojan-PSW.Win32.Tepfer.ijnk] [BackDoor.Slym.1498] [TR/Rogue.14575.23] [Heuristic.BehavesLike.Win32.Suspicious-BAY.G] [Troj/Tepfer-Q] [Backdoor:Win32/Kelihos.F] [Trojan/Win32.Foreign] [HeurEngine.MaliciousPacker] [Win32/Kelihos.F] [Trojan-PWS.Win32.Tepfer] [W32/Kryptik.X!tr] [Trj/Tepfer.B]
292ad75fbab2288a453c7f7db162eed0	[HW32.CDB.A2b5] [Packed.Win32.Katusha.3!O] [Backdoor.Hlux!xuwpKhCjMA8] [WS.Reputation.1] [Kryptik.CDQY] [Backdoor.Win32.Hlux.dqzg] [UnclassifiedMalware] [Trojan.Packed.26581] [Trojan[Backdoor]/Win32.Hlux] [Backdoor:Win32/Kelihos] [W32/Trojan.HATR-5126] [Heur.Trojan.Hlux] [Trojan.Crypt_s] [W32/Kryptik.BWUN!tr] [Crypt_s.GNC] [Backdoor.Win32.Hlux.Aj] [Win32/Trojan.112]

DNS Resolutions

Date	IP Address
2013-11-27	87.242.76.145 (ClassC)
2022-01-30	172.64.134.27 (ClassC)
2024-08-26	104.21.234.199 (ClassC)
2024-12-27	104.21.234.198 (ClassC)
2025-07-11	45.154.75.155 (ClassC)
2026-02-25	93.185.164.193 (ClassC)

HTTP/1.1 403 ForbiddenDate: Sun, 27 Aug 2023 14:57:18 GMTContent-Type: text/html; charsetUTF-8Transfer-Encoding: chunkedConnection: closeCross-Origin-Embedder-Policy: require-corpCross-Origin-Opener-P

!DOCTYPE html>html langen-US>head>title>Just a moment.../title>meta http-equivContent-Type contenttext/html; charsetUTF-8>meta http-equivX-UA-Compatible contentIEEdge>meta namerobots contentnoindex,nofollow>meta nameviewport contentwidthdevice-width,initial-scale1>link href/cdn-cgi/styles/challenges.css relstylesheet>/head>body classno-js>div classmain-wrapper rolemain>div classmain-content>noscript>div idchallenge-error-title>div classh2>span classicon-wrapper>div classheading-icon warning-icon>/div>/span>span idchallenge-error-text>Enable JavaScript and cookies to continue/span>/div>/div>/noscript>/div>/div>script>(function(){window._cf_chl_opt{cvId: 2,cZone: rb.ru,cType: managed,cNounce: 55506,cRay: 7fd52a89c96ec6b5,cHash: 3bc9cfcc73ea63c,cUPMDTk: /?__cf_chl_tkuEeZ8aCjvR4QYeGhgRkTO4bTkv0LrZTsyGKICtWyJsU-1693148238-0-gaNycGzNCFA,cFPWv: g,cTTimeMs: 1000,cMTimeMs: 0,cTplV: 5,cTplB: cf,cK: ,fa: /?__cf_chl_f_tkuEeZ8aCjvR4QYeGhgRkTO4bTkv0LrZTsyGKICtWyJsU-1693148238-0-gaNycGzNCFA,md: w1IvSAE9eQ5nd_EqIXNbk_yyuPFRVLx2QMaP7VjxNs4-1693148238-0-AYD7coU_kUzN-0t3WLT2vZTdANWgb-FqdqXqnZ2H85nxcDuk40M_udE19KDgZWzkQ9LRZ22MRR-oGYK-8VPZrSBaoMXcdFAdH-0JpZhf936GdKMeTXPXg13LyYt0dxmLP_V3PlaXp8RvZba3vHkHvuJpT4BMpJBdcG4l6v4bJq6B0YtPvpr0hy_j936JzgjeOWGMtj0N2IgA34wCfBLYdRKRd3kZ405jYxpXwI0IAMNxd4vK8jlAvM4cjdriiTxdazNQTwj_D2KBGZfweT6pdE3wCcxBbwrgBbDAgPTTLweCOKY_bwKNZeHrp6vHieNsmjReT2lfQfNH1Lik6ZC_BVIgf_UK4_7z-nwwUwD63MqXtdARTF7hjfQMImX5ZboV1jn99eDlBaD_3x0MHJuoVKBVryfr1Km8NJ04eWYZMbQZK9rLqYqFJDv72kw3DiHHrOxsRZ8sOyJW3XRUZukFWjPyczOYhgeR-MkJlutK3Mmft9dXM1sZHcjmkg0DLrioLehDAub1JePvQ1gfzKe7Fwod9orN1oIu6lIW44ZX9yK7NB6buiW-a6i6i-3xfHoXMYREhQrrDT6iS12V9MqBDtn0LPggWi4Y1AaH88Cw8tBw_bChyVJUyI1oWzrfl5PZxuT58TbMqTNv8S4DThj68sOZbImkJgD0jK8_ykXxGqofa_f-i8XlA4sQY3k1Xp5N7oLi9hzWuDbPn3MgZSSPIS5LW2gWXJeBuocEoZyc6rlXG7WPlJNkxRAaTm-JO6vBB3s3QquRZAVWJXDKg-7C9xBET2J3ZoQ7sCUQe5n-pQaivGwLq3Wh0AtnevdqAZbnI4S3XeOdJTL2ZwUK189AB-ndgQC35w2g3mY-U8EvQJBRv5uoYnF3FD2SBHTIW1bh1aWSAPg2TL8hJAD4NjQfZg_FF6VL2FS5Fcxc0eNlTzSpgiBBX4KoTPNv6HBYbKznaHpxClLuX-l318kTyQrUKHHJPQnzyKxKg20e

Subdomains

Date	Domain	IP
mail.rb.ru	2013-05-16	193.233.144.7

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

Domain > rb.ru

Is this malicious?

Files that talk to rb.ru

DNS Resolutions

Port 443

Subdomains