URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	agemn.co.za
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2021-01-26 16:50:17 UTC
Total malware sites :	1
A record(s) observed :	3

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-04-28 01:06:47	23.227.38.65	myshopify.com	Not listed	AS13335 CLOUDFLARENET	CA	no
2022-07-02 21:37:10	41.185.8.171	srv99.hostserv.co.za	Not listed	AS36943 ZA-1-Grid	ZA	no
2021-01-26 16:50:25	41.185.8.73	srv75.hostserv.co.za	Not listed	AS36943 ZA-1-Grid	ZA	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2021-01-26 16:50:25	https://agemn.co.za/zk58h95.rar	Offline	Dridex payload	Myrtus0x0

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2024-01-08 21:15:06	b1b01b21d54f17dbf359873c561fd1c6ebe67c8f4f1b0497a97c3134a8bf0313	dll
2023-11-17 00:32:43	f3141c9f870fbc29e0bd1f1ea41717953ddc429f46981d251e9cab4305d8b538	dll
2022-03-16 01:22:28	b4d6fd6e3bd866c9f4d7d0327ef54786e775195c4b5f9c22953d749e83f6dfa5	dll
2021-01-26 16:50:24	cfcc473a5f83f83517a1c4917dd2c330be6252bc95fcf176e9b783fb694f6f31	dll	Dridex