URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	1filesharing.ga
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Blocked
Cloudflare :	Blocked
ProtonDNS :	Status unknown
OpenBLD :	Blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2020-05-21 10:22:48 UTC
Total malware sites :	8
Online malware sites :	0 (0%)
Offline Malware sites :	8 (100%)
A record(s) observed :	22

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2020-06-12 05:52:17	84.38.180.221		Not listed	AS49505 SELECTEL	RU	no
2020-06-12 04:37:21	80.249.144.167	hutshotres.ru	Not listed	AS49505 SELECTEL	RU	no
2020-06-10 15:58:25	31.184.254.119	d66k4bwxpa0b4olx.com	Not listed	AS49505 SELECTEL	RU	no
2020-06-09 13:59:39	84.38.181.63	empresa10.departamentofiscal.cash	Not listed	AS49505 SELECTEL	RU	no
2020-06-08 13:13:25	80.249.146.199	ulbs.ru	Not listed	AS49505 SELECTEL	RU	no
2020-06-08 09:11:27	84.38.183.208	cloud14672.megaproduto1.com.br	Not listed	AS49505 SELECTEL	RU	no
2020-06-07 12:25:42	80.249.146.57	swark.art	Not listed	AS49505 SELECTEL	RU	no
2020-06-04 17:02:55	84.38.181.216	dfk7s1wudhubgv87.com	Not listed	AS49505 SELECTEL	RU	no
2020-06-03 06:49:30	188.68.221.31	d2luclyxy2mzbmxb.com	Not listed	AS49505 SELECTEL	RU	no
2020-06-03 04:10:46	84.38.182.9	daqj9aj8xv5hfglq.com	Not listed	AS49505 SELECTEL	RU	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2020-06-10 05:34:07	http://1filesharing.ga/SD3/InvoiceFB1.exe	Offline	Formbook	P3pperP0tts
2020-06-09 13:14:11	http://1filesharing.ga/cryptd/b2bsellerWebXpo_u...	Offline	encrypted GuLoader	abuse_ch
2020-06-09 10:10:09	http://1filesharing.ga/SD3/PInvoiceFB2.exe	Offline	exe Formbook	abuse_ch
2020-06-01 08:32:30	http://1filesharing.ga/cryptd/1FilesSharingLoky...	Offline	encrypted GuLoader	abuse_ch
2020-05-22 10:25:16	http://1filesharing.ga/cryptd/1FilesSharingLoky...	Offline	encrypted GuLoader	abuse_ch
2020-05-22 09:04:18	http://1filesharing.ga/cryptd/1FilesSharingLoky...	Offline	encrypted GuLoader	abuse_ch
2020-05-21 19:17:10	http://1filesharing.ga/cryptd/1FilesSharingLoky...	Offline	encrypted GuLoader	abuse_ch
2020-05-21 10:22:49	http://1filesharing.ga/cryptd/1FilesSharingLoky...	Offline	encrypted GuLoader	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2020-06-10 05:34:07	5ac464b04f871540a52fb5c7e8349f1bd7856a9e6f6d63eadd61755637e7d1da	exe	Adware.Generic
2020-06-09 13:14:11	2de07c8c36dc4cb6793d4989cc0505b61cd6e12a32bb47bd3a87da0a2c365dfc	unknown
2020-06-09 10:10:09	52ea3c1f51eb3a8920e2895ebe7d54ed9b010407775434da9c47fdeceae7af84	exe	FormBook
2020-06-01 08:32:30	e9edeea2a1a4cefc2cde4d0d3de0522592f586ab4c3f64c2ab6a34b645f61f7d	unknown
2020-05-22 10:25:16	083ec7ca329f4e04380f014dcdd01e066081480e3e600079578555d83ab79cfa	unknown
2020-05-22 09:04:18	34207ec406bce34c0ce315153de913c70256c658ae812ee8ba5d8d75b6141d35	unknown
2020-05-21 19:17:10	4450a5bf4f9a100c7e9b471cb198bc3f45305bb21834a2e4f1a907ab0e1f9df9	unknown
2020-05-21 10:22:49	167cb1ef33260829f79f705f7b199f4bcbc197bd9e99feea1103e53603cc6fd6	unknown