URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	app.rtpdgox.info
Domain registrar:	Public Domain Registry
Domain registration date:	2023-12-28 08:06:13 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Blocked
ProtonDNS :	Status unknown
OpenBLD :	Blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2024-10-12 04:04:04 UTC
Total malware sites :	5
Online malware sites :	0 (0%)
Offline Malware sites :	5 (100%)
A record(s) observed :	1

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2024-10-12 04:04:06	147.45.47.185		SBL647085	AS200195 VERASEL	RU	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2024-10-19 13:59:06	http://app.rtpdgox.info/css/54f0fa329a53.exe	Offline	exe	abus3reports
2024-10-19 13:59:04	http://app.rtpdgox.info/player/6706ad721d914_Ju...	Offline	exe	abus3reports
2024-10-12 04:54:07	http://app.rtpdgox.info/css/67065b4c84713_Javil...	Offline	32 exe	zbetcheckin
2024-10-12 04:49:09	http://app.rtpdgox.info/css/0a839761915d.exe	Offline	32 exe LummaStealer	zbetcheckin
2024-10-12 04:04:06	http://app.rtpdgox.info/css/67065a0933c9e_UUESU...	Offline	32 exe	zbetcheckin

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2024-10-16 05:48:21	0da3870c581db83c2bee3c8bde48204a1e9eade5dbbb56d4d6039f8e3dbbbc2d	exe
2024-10-15 00:56:44	1c830eedba11e7b5c98af40e7f4d562c53026989f8ca4af7b735efc6a5962c72	exe
2024-10-13 10:13:58	df708669748da15221b332a5333132c5d04adf1d1efcd2c0f01092fadaf87507	exe		LummaStealer
2024-10-13 07:53:42	604aa4c66702122708d2f539329af653c9f0b3b231aefe52f9343f9650ed0133	exe
2024-10-13 04:44:12	dfe63c640589833895d89ceeb2b9e1a34bc3cb747712ebabcb46fe61c54138f8	exe
2024-10-13 02:42:17	cc5cc57209ea3ad2552fed7429e10ed5e592c2e4d130a4d698ed3995d90a8f7c	exe
2024-10-13 00:28:33	6ad3d3aed964bce74d1fac7a1856eddbd84e26b510cf89ceab24580ce78ac5a4	exe
2024-10-12 20:28:07	880c7ee9b5f06130d090b2ebfccd73e7127e1b605db2a3a84da2ac7923d4a0c2	exe
2024-10-12 20:14:11	6773123ffd9b843726dff04f4c3eca5051dbdd18d5519f37b2fd28aa4af66461	exe
2024-10-12 16:10:07	176a8d1f95a48e830511b3b71b7072ff88d8ac34c5b9ca4aeade832101360cfb	exe
2024-10-12 14:48:50	6491d7f9887c119e17104f3145693089b1c83c217a7616a31b219154f8794b0c	exe
2024-10-12 11:54:15	bb13b8d854de9343d4954d773416ccbe720ed09a6bd6221fb23f8f22c974a1e6	exe
2024-10-12 09:27:32	a460c28ef668daa443793a4a85494c0cd7da29f8a4148581515dc786d6fe4789	exe		LummaStealer
2024-10-12 08:56:42	435b15850018c02df0118f5f03175daf2c9428333a210e70b8b496b563509012	exe		LummaStealer
2024-10-12 06:31:36	a2d2d18d0327596f73814cc6bdf9954e76716987418362879710c58a3f6c6eed	exe		LummaStealer
2024-10-12 04:54:07	f1417213f43cad96ecab7f83251b963706b22e4ebe4e6b34080fc6227ee359b3	exe
2024-10-12 04:49:08	5744877c48b6e0cb978299855f06eaea0724e66667871756b04ee19f75486026	exe		LummaStealer
2024-10-12 04:04:06	3088b0302d4b38c63ef4fead57aa6049da2cc62bf9f4a5d9331552c84fe516e6	exe