URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: 3ileadfoundation.org
Domain registrar:Namecheap -
Domain registration date:2023-02-19 17:42:33 UTC
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Control D HaGeZi :Not blocked
Firstseen:2023-06-13 17:52:39 UTC
Total malware sites :1
A record(s) observed :2

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2023-06-13 17:52:53 104.21.69.108Not listedAS13335 CLOUDFLARENETn/ano
2023-06-13 17:52:47 172.67.207.111Not listedAS13335 CLOUDFLARENETn/ano

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2023-06-13 17:52:53https://3ileadfoundation.org/utte/OfflineBB32 geofenced js Qakbot ext Quakbot ext USA Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2023-06-15 15:22:4397e4cdfaa70dfb54ce3e07605aa8f13b85fff93fbf9a7e72ec7d80c6a2afb6e1zip Quakbot
2023-06-15 14:41:1327578d989ccf6bcd51a8261878473997d42e4d746f75b0447ded2238c6bc0c88zip Quakbot
2023-06-15 12:38:28a214834a9c87e8ecd2f8b01100bdf09251b81f5f6f148931b7b7858a538edf4bjs  
2023-06-15 12:18:49161529cb7c28baee604d4b0212b378951170393b1b8615ece1a6f5c18ee95793js Quakbot
2023-06-15 08:58:07d96fac49ed9b39ccb06844298d45e4e4740d718e0f9ee82262387850201095eejs Quakbot
2023-06-15 07:56:53453a9941bc55f03cab2d4e620a2003e1a392d8eeab3dbe75b5cd9d3222332e29js Quakbot
2023-06-14 18:40:0251fc3668a82a3750a2ab447d9790b66635fef171b7c7aaaf595763f52f868fc9js Quakbot
2023-06-14 13:25:538c67f76ce9c1f02e2081111bafdde75ec020bcd302ceebc22054b2ff8cf4d1ecjs Quakbot
2023-06-14 13:06:11084dbb041811f4809ed27cb8f8b31232d1df8bee00bae9a1b38eefeb2f4ffa53js Quakbot
2023-06-14 12:08:0687ea42856243dd112fed001353a87de4f12f5d3f97d6ab6129d9aa9a22ad384azip Quakbot
2023-06-14 11:41:2375b5df06f02b8a33c070e2d639e71e5d39dd00a092db107109ec362c4b34af1azip Quakbot
2023-06-14 10:49:377e1cab198ebdfb8e9928b8108e9c8018d1c7dcbb4d9097f49a04c3187da3c7cbjsQuakbot
2023-06-14 08:45:19851fd360e88d59579915ce7885ebd7f385f17accfcd3d06c321dbea96e69c960js  
2023-06-14 07:33:05759ddb59654de37cb3dcb7bd281a2e6ebd99d4b74987d6723dcd224db39dc879js Quakbot
2023-06-14 06:33:004e57148bfbd39f2bd7256784c1002c691b566dbdad8bbedbc16aff1597617529jsQuakbot
2023-06-14 05:14:36ac30912298480d45bf0f9e1c035e96da5c56cda83c13d501510cf812d0e8d113js Quakbot
2023-06-14 04:20:5963858de90c1486d4ed0fd0bf91ddb45d8623040cd5d3c6643eddf7f95251d03djsQuakbot
2023-06-14 03:28:080a8bc6c8352e1a777d3c8b26db1533e4860f1b299862012ef6d766312685e66djs Quakbot
2023-06-14 02:30:12af421ce80f44c8aa9ee3baa364b9e4b541e48198fe96894b39f62297eebf1427js Quakbot
2023-06-14 01:20:39ad89128882cc5045364c6ec03dd8bffd34f16bbfd341d0dd13fdce7a706e64b5js  
2023-06-14 00:40:25e6065951beb74e637ffa5b8ef754320d38bf53274255f15332f451291988c55ejs Quakbot
2023-06-13 22:33:3669f93a6237243fafbd9819b0e9f48146bc2bb54273b0f7ef5815edf7b0fc9626js  
2023-06-13 22:16:20e918e17a0a639c0f284a76059249a8398b71eb09bb54e4409fe6ae526a332431jsQuakbot
2023-06-13 21:35:54bc64caf34f92e2e6f063ced2c6d9e82ecfab18b7aeee5767de6094fd960d23aajs Quakbot
2023-06-13 19:07:259f254a99c8f47a850e92e8198602d17bff5202ad9baa1fe39877c2e36db17d9bjs Quakbot
2023-06-13 17:52:41011c46b580421e8680614d86ff33170e0eba2a8e1c98e6f2d87f779fa987ef3cjs