URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	0had.com
Domain registrar:	Namecheap
Domain registration date:	2023-05-09 21:25:28 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2024-04-18 15:55:06 UTC
Total malware sites :	3
Online malware sites :	0 (0%)
Offline Malware sites :	3 (100%)
A record(s) observed :	17

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2024-05-09 21:39:53	199.59.243.225		Not listed	AS16509 AMAZON-02	US	no
2024-05-05 01:30:17	188.68.222.239	swark.art	Not listed	AS49505 SELECTEL	RU	no
2024-04-30 15:07:07	193.233.193.74		SBL648014	AS135330 ADCDATACOM-AS-AP	HK	no
2024-04-30 13:07:55	45.151.144.77		Not listed	AS214822 MTFINANCE-AS	RU	no
2024-04-30 08:11:27	213.226.112.168		Not listed	AS214822 MTFINANCE-AS	RU	no
2024-04-29 10:09:31	31.41.44.166	ogainewvvank.example.com	Not listed	AS56577 ASRELINK	RU	no
2024-04-26 19:15:56	45.135.233.113		Not listed	AS214822 MTFINANCE-AS	RU	no
2024-04-25 10:06:55	195.58.54.171		Not listed	AS214822 MTFINANCE-AS	RU	no
2024-04-24 09:09:00	31.41.44.162	kamenevueh.example.com	Not listed	AS56577 ASRELINK	RU	no
2024-04-22 14:20:56	31.41.44.153	tagamihavqv.example.com	Not listed	AS56577 ASRELINK	RU	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2024-04-18 16:55:07	http://0had.com/stage2	Offline		NDA0E
2024-04-18 16:55:07	http://0had.com/DisabilityCharge.exe	Offline	Rhadamanthys	Anonymous
2024-04-18 15:55:23	http://0had.com/stage	Offline		NDA0E

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2024-04-18 16:55:07	fe6328938db1b9c8e3e8b1a92f0cc5ac28a6fd5e0c7e40c521f7b0f408e63c3f	exe
2024-04-18 16:55:07	35ed65d9919843300db648bf93ae57d7330095eb1ce18d6c6050db88a2e4f297	exe		Rhadamanthys
2024-04-18 15:55:13	f288b51bbbec3bc248342fd71d49cc759615f24251d02524a1e49b18f6dab7ba	exe