URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	cdn-download.top
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2023-01-25 11:53:12 UTC
Total malware sites :	4
Online malware sites :	0 (0%)
Offline Malware sites :	4 (100%)
A record(s) observed :	28

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-05-31 14:46:30	8.218.208.240		Not listed	AS45102 ALIBABA-CN-NET	HK	no
2025-05-31 14:46:30	47.91.170.222		Not listed	AS45102 ALIBABA-CN-NET	HK	no
2025-05-31 14:46:30	47.76.127.217		Not listed	AS45102 ALIBABA-CN-NET	HK	no
2023-02-08 18:54:52	176.124.193.54		Not listed	AS212165 kvmka	RU	no
2023-02-08 18:01:31	93.189.41.212		Not listed	AS41853 NTCOM-AS	RU	no
2023-02-08 10:08:06	185.251.89.110	vmta176.85.lstrk.net	Not listed	AS35278 SPRINTHOST	RU	no
2023-02-08 09:48:48	176.124.193.50		Not listed	AS212165 kvmka	RU	no
2023-02-08 08:01:14	176.124.193.35	63780.cloudx.site	Not listed	AS212165 kvmka	RU	no
2023-02-08 04:11:12	46.173.218.92	halney.com	SBL668586	AS47196 Garant-Park-Internet	RU	no
2023-02-08 03:03:19	185.251.90.254		Not listed	AS35278 SPRINTHOST	RU	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2023-01-27 08:47:25	http://cdn-download.top/VLC_3.0.18_X64.msi	Offline	msi vlc	gorimpthon
2023-01-27 08:41:14	http://cdn-download.top/7z2201_setup.msi	Offline	7zip msi	gorimpthon
2023-01-25 17:00:15	http://cdn-download.top/Rufus_setup_3.21.msi	Offline	msi	abuse_ch
2023-01-25 11:53:40	http://cdn-download.top/TradingView_setup.msi	Offline		JAMESWT_MHT

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type
2023-02-06 16:02:04	b6d227ecdd87632c85de707a66fc88b529dbfe43f58609ca39c7d4e26ccd464f	msi
2023-02-06 15:13:45	92b3f198ef275f5a750ce4f7731cf586ce6967dd4ad69a28d837aa9302c99ff0	msi
2023-02-06 02:42:20	bc22209f991df8421fb231a20637aedeed6f8ee2e6a9f12e4be7b9673572ac63	msi
2023-02-05 15:24:33	4d33832f906f1dec561c7161ebc17b221918b33a45cd46f5aa94ef583827548b	msi
2023-02-05 10:59:59	701ed5f2ca915a782be1fb699612df7daf36ad4bb6c89f429eed6e3e27312ece	msi
2023-02-04 14:39:47	7d0032c053be79fc47a1e102e041e2e8806cb5da90ef071b7423a92b8b9c4881	msi
2023-02-03 13:14:31	86de8d1761bc5259c2332a255fc2121f59be7ece04732cb4da57f14ce58c0683	msi
2023-02-01 18:17:49	04ffca4322de2e68cdf544ef063a464c7304371ab9a32f12a4197d55eb108455	msi
2023-01-31 15:56:31	4c68035c3c7713cf4fc105f702f57e52c9e9fd070c306b1b266d76e2482d39f9	msi
2023-01-31 10:59:14	e9fd503c4d519d431d61d72af86af8fe0ff2dbfc516f34447356817e0e862360	msi
2023-01-30 16:20:08	aecce92d846b780e7eac44837a967865c8a37e96af47ffda8d0eb8666cb2cb7b	msi
2023-01-29 17:51:23	92275e9b59ebf47548643d73b0e6b9ad5801993b19af4d369a5ee33e8e616b1f	msi
2023-01-28 12:50:51	407769fffaf67e7706b24dd77ada710b9bf115ced2bda971afc8b81ffc426b26	msi
2023-01-27 11:26:02	4e738bb6d6151a8383ab8d4c660df7f2195688d481f86e25d1d84e35e04f59ab	msi
2023-01-27 08:47:24	647d9d0d509ff57f5dc443e51e1ea37ad8322566ea94382a152f29bab5d0f5e1	msi
2023-01-27 08:41:14	a0133fc64c0bb7215aaa57c142357070d2d2f782039c3b4191786ad3fbd224cf	msi
2023-01-25 23:36:25	e2d20d55d2028393833af36dec30320b5b5419d1b3c223d62937f65470324a72	msi
2023-01-25 17:00:10	1b1aa08061f3e879248ffbacec5020b930c90ab08ce1b29544141423efe52e1f	msi
2023-01-25 11:53:34	5e0d8d9ae9094177d5d0c0626ab013a7e17155cf37171b63f70622758dc9a614	msi