URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	151-248-126-126.cloudvps.regruhosting.ru
Domain registrar:	REG.RU
Domain registration date:	2008-04-17 20:00:00 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2022-09-02 11:55:04 UTC
Total malware sites :	6
Online malware sites :	0 (0%)
Offline Malware sites :	6 (100%)
A record(s) observed :	1

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2022-09-02 11:55:06	151.248.126.126	151-248-126-126.cloudvps.regruhosting.ru	Not listed	AS197695 AS-REGRU	RU	yes

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-09-02 11:55:09	http://151-248-126-126.cloudvps.regruhosting.ru...	Offline	exe RedLineStealer	abuse_ch
2022-09-02 11:55:07	http://151-248-126-126.cloudvps.regruhosting.ru...	Offline	exe RedLineStealer	abuse_ch
2022-09-02 11:55:06	http://151-248-126-126.cloudvps.regruhosting.ru...	Offline	ArkeiStealer exe	abuse_ch
2022-09-02 11:55:06	http://151-248-126-126.cloudvps.regruhosting.ru...	Offline	exe RedLineStealer	abuse_ch
2022-09-02 11:55:06	http://151-248-126-126.cloudvps.regruhosting.ru...	Offline	exe RedLineStealer	abuse_ch
2022-09-02 11:55:06	http://151-248-126-126.cloudvps.regruhosting.ru...	Offline	exe RedLineStealer	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2022-09-02 17:30:21	f2add2d37579146d20f376689d92df39799c6ee793e634c5ddb2c727fa2095a6	exe		ArkeiStealer
2022-09-02 17:20:28	bbd907f50c5a9cabec25d60acc0f7ee8970ae72cde8ec7d9312eac6c90eb61f5	exe		RedLineStealer
2022-09-02 17:20:28	846f2a33c5ab5bee344ec2f25ae66995bdfc4f2487d3d90f85b5420ad13f6847	exe		RedLineStealer
2022-09-02 11:55:09	bdabbae443ffe63fbd032496c682aa68d8ecf79c330c0a9cc0e7909e38d0d2d1	exe		RedLineStealer
2022-09-02 11:55:07	75110fbb8b6e18e5c4a4496b908f87b7511497590b9531fb4c69d38a57582d49	exe		RedLineStealer
2022-09-02 11:55:06	1d6f39132b603b5e70cbf8cf56c2470717a4ec85e79ec13fb99766b267ff0fd7	exe		RedLineStealer
2022-09-02 11:55:06	5c6ce2129dc5c47f5ba32da5704fba5e2b287a04d191362d8a8e5f7aaeabaee4	exe		RedLineStealer
2022-09-02 11:55:05	640f85627d4c75d682f8bd87e4cb6c72c52e6cd661e3165a8131a37fe5a0d808	exe		ArkeiStealer
2022-09-02 11:55:05	7eb2a5f28858a1cac0d7628c8ad1846006af1fb60c0d22f71e240b1216b1a529	exe		RedLineStealer