URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	amassmodel.top
Domain registrar:	NameSilo
Domain registration date:	2023-05-07 23:09:19 UTC
Abuse complaint sent to registrar:	Yes (2024-03-12 07:18:36 UTC to abuse{at}namesilo[dot]com)
Domain registry:	TOP registry
Abuse complaint sent to registry:	Yes (2024-03-12 07:18:36 UTC to abuse{at}nic[dot]top)
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2024-01-25 18:34:05 UTC
Total malware sites :	14
Online malware sites :	0 (0%)
Offline Malware sites :	14 (100%)
A record(s) observed :	14

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2024-02-22 14:01:40	104.21.68.43		Not listed	AS13335 CLOUDFLARENET	n/a	no
2024-02-22 14:01:40	172.67.186.86		Not listed	AS13335 CLOUDFLARENET	n/a	no
2024-02-22 13:22:34	195.123.210.7	vds1260551.hosted-by-itldc.com	Not listed	AS50979 ITL-LV	LV	no
2024-02-22 13:26:34	195.123.241.205	vds1256662.hosted-by-itldc.com	Not listed	AS204957 GREENFLOID-AS	US	no
2024-01-26 12:54:54	188.114.96.0		SBL686925	AS13335 CLOUDFLARENET	n/a	no
2024-01-26 12:54:54	188.114.97.0		Not listed	AS13335 CLOUDFLARENET	n/a	no
2024-01-25 18:34:07	188.114.96.3		Not listed	AS13335 CLOUDFLARENET	n/a	no
2024-01-25 18:34:07	188.114.97.3		Not listed	AS13335 CLOUDFLARENET	n/a	no
2024-01-25 19:10:51	188.114.96.9		Not listed	AS13335 CLOUDFLARENET	n/a	no
2024-01-25 19:10:51	188.114.97.9		Not listed	AS13335 CLOUDFLARENET	n/a	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2024-03-12 07:18:07	https://amassmodel.top/error/mimezx.scr	Offline	AgentTesla exe	abuse_ch
2024-03-12 07:05:09	https://amassmodel.top/error/poundzx.scr	Offline	AgentTesla exe	abuse_ch
2024-03-11 17:32:08	https://amassmodel.top/error/yegazx.scr	Offline	AgentTesla exe	abuse_ch
2024-03-11 17:15:11	https://amassmodel.top/error/pedrozx.scr	Offline	AgentTesla exe	abuse_ch
2024-03-09 11:47:06	https://amassmodel.top/error/wealthzx.scr	Offline	AgentTesla exe	abuse_ch
2024-03-07 14:14:09	https://amassmodel.top/error/c11zx.scr	Offline	Loki lokibot	James_inthe_box
2024-02-21 07:23:08	https://amassmodel.top/pages/catzx.exe	Offline	exe NanoCore rat	abuse_ch
2024-02-19 10:51:07	https://amassmodel.top/pages/ytpzx.exe	Offline	AgentTesla exe PureLogStealer	abuse_ch
2024-02-19 10:13:11	https://amassmodel.top/pages/bigzx.exe	Offline	exe NanoCore rat	abuse_ch
2024-01-25 18:35:10	https://amassmodel.top/_errorpages/somzx.exe	Offline	AgentTesla exe opendir	abuse_ch
2024-01-25 18:35:10	https://amassmodel.top/_errorpages/Schellingian...	Offline	exe GuLoader opendir	abuse_ch
2024-01-25 18:35:10	https://amassmodel.top/_errorpages/plugmanzx.exe	Offline	exe opendir RemcosRAT	abuse_ch
2024-01-25 18:34:07	https://amassmodel.top/_errorpages/agodzx.exe	Offline	AgentTesla Formbook opendir	abuse_ch
2024-01-25 18:34:07	https://amassmodel.top/_errorpages/zodzx.exe	Offline	exe opendir RemcosRAT	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2024-03-12 10:16:34	d288e4cc3b1b09a168b8a47771e2f4296890634c9f5128a1d3bbaa97d33afd90	exe		AgentTesla
2024-03-12 09:15:05	718bdf94dd3385b02256011e20334806a95a81c9f7e81abe8830b6a7514e8c9d	exe		AgentTesla
2024-03-12 07:18:07	4a116d875adbac028ee35274af2d72f9be5bd9b6306eff988b15341088277781	exe		AgentTesla
2024-03-12 07:05:09	99cba0a4969c5cf818a8f6abec732cd9976ccff9c01ce07d78e67db1c030f4ea	exe		AgentTesla
2024-03-11 17:32:08	efce051b1d799bd344d7b354e5898cccd79a0014593d2034cd6b00d01b4536f8	exe		AgentTesla
2024-03-11 17:15:11	998b69e7dc9ccb3557e67c3dea551d5485b64b985dd7ffd06f3ae258f868a88d	exe		AgentTesla
2024-03-09 11:47:06	aa99c07203568e2616875fcf1094ffc5225cc72cd31aa52658a3018991525c0f	exe		AgentTesla
2024-03-07 14:14:09	202bb0c3e66d81f1a6ae9445cb73a640eba568ae43f4078739829facfc6a4a76	exe		Loki
2024-02-21 09:41:01	e06be3822489c945623c95998caec5ed42bf81031501996861bcc8848eec4130	exe		NanoCore
2024-02-21 07:23:08	b16c9c6b0d2c5e04fd3d3bcfb9f9a8712502b99a1fea9edf9a2ff1dd1cc8ed41	exe		NanoCore
2024-02-20 09:37:08	f45bd2113210436961213be67da89161229752addb6f0e1596110400c0ee3bcb	exe
2024-02-20 03:20:37	14639e09de7a97ffa6e96fd1157dacc19c147625b3f4e221a66a4c017f367ef1	exe		AgentTesla
2024-02-19 10:51:07	420e895398b4c9524e17f6d65455eefcf288b239027494f705a62413496ec157	exe		PureLogStealer
2024-02-19 10:13:10	ee58fa913b4f5d0527453664b762b848404c19c23369ab6c4c893d55adbdde4b	exe		NanoCore
2024-01-25 18:35:10	f313ed23323b609ed09075856805772adf3487d3b565429adde2b71793cb73bf	exe		RemcosRAT
2024-01-25 18:35:10	489485f76c425b348691243b18355c39990c477483b8f2eca99d9df8225ba3f9	exe		GuLoader
2024-01-25 18:35:10	53fb5ae6197173f165b57043a1c7460bd648d0d9d4a747e906000c6495e895e1	exe		AgentTesla
2024-01-25 18:34:07	104ae348871545562f1f0a2712ddb88659fda045dd969affd79fbdc25fc7e2fd	exe		Formbook
2024-01-25 18:34:07	a686d022d2c5765b4179a7d8b8af4f4aa5fa009c255d352479ff4f7f2c578b39	exe		RemcosRAT