URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	bluestaks.novationgroups.com
Domain registrar:	NameSilo
Domain registration date:	2016-10-12 19:59:06 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2023-06-15 10:29:11 UTC
Total malware sites :	4
Online malware sites :	0 (0%)
Offline Malware sites :	4 (100%)
A record(s) observed :	1

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2023-06-15 10:29:20	50.31.188.9	lake15.banahosting.com	Not listed	AS23352 SERVERCENTRAL	US	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2023-06-16 04:21:21	http://bluestaks.novationgroups.com/post/p5zl9b...	Offline	32 CoinMiner exe	zbetcheckin
2023-06-15 10:35:21	https://bluestaks.novationgroups.com/post/Clipp...	Offline	exe LaplasClipper	vxvault
2023-06-15 10:33:11	https://bluestaks.novationgroups.com/post/Upsho...	Offline	exe	vxvault
2023-06-15 10:29:20	https://bluestaks.novationgroups.com/post/p5zl9...	Offline	CoinMiner exe	vxvault

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2023-06-18 15:59:52	d0873782fa5d4851ddd95e98767467d177e1b42a684b202cd681968ea2ece832	exe		CoinMiner
2023-06-18 15:46:04	d0873782fa5d4851ddd95e98767467d177e1b42a684b202cd681968ea2ece832	exe		CoinMiner
2023-06-18 14:26:48	40cf89b7df3ba8efd66d6f9894a0929b642c6e59ac3fe958ae829729c34004c2	exe
2023-06-18 01:04:40	63466d33b3b55eac62d630f950e0c423b08eae7d2d555cb715594f5d219e53cf	exe
2023-06-18 01:01:07	63466d33b3b55eac62d630f950e0c423b08eae7d2d555cb715594f5d219e53cf	exe
2023-06-18 00:57:55	f57b827ade6953b24e048778e9b1e6415d524d410bfc2b4eca39e2fb849df824	exe
2023-06-17 13:58:10	d83beae3a3b644b8bc5c394dde2606ddababe3696986386e26bd6daed92ce80d	exe
2023-06-17 13:36:08	ab1aeb0415659b9300a49f8ad3162c8193b79759b05c9077ba5e0e9f918c9d7c	exe
2023-06-17 13:13:21	d83beae3a3b644b8bc5c394dde2606ddababe3696986386e26bd6daed92ce80d	exe
2023-06-16 22:25:59	ef543bf69789486fc724e0c42f2a09a0318af27f6a3bb1889bf7db6d89fd1b9a	exe
2023-06-16 21:13:25	a6734f7888870bb71002eb528eb1b175b6bcaaf77d216dddd54b13ca967bdfb6	exe
2023-06-16 21:11:08	ef543bf69789486fc724e0c42f2a09a0318af27f6a3bb1889bf7db6d89fd1b9a	exe
2023-06-16 04:21:21	8e12d8cb25a85392d8e14d429b725c635776731d1546ad5d8c88afb09e8e2856	exe
2023-06-15 20:51:59	682dc9f1350f3cfab2740e249fc00639927e0a53e8598e07611425dad2821719	exe
2023-06-15 16:22:29	8e12d8cb25a85392d8e14d429b725c635776731d1546ad5d8c88afb09e8e2856	exe
2023-06-15 16:11:36	c75bdec56546a04ea55f2c9a987917c01f84bcd82c8ed8250cf430217379a575	exe
2023-06-15 10:35:21	71acc9e68e019bd99d89f1bc2efa859bdb16b13cb69abb02dba8b993265aed6e	exe		LaplasClipper
2023-06-15 10:33:11	97c71e5a2800a340deda33eab2c85cd7e06201745700fe5add40b84572b0c46c	exe
2023-06-15 10:29:14	9d3024dd0ebf3f5d7d455f4bf04fa60040c67b5f5d253ee492e8bea8687d6f71	exe		CoinMiner