URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | cdn.pixelbin.io |
|---|---|
| Domain registrar: | Gandi  |
| Domain registration date: | 2021-09-16 01:32:35 UTC |
| Spamhaus DBL : | Abused domain (malware) |
| SURBL : | Not blocked |
| Quad9 : | Not blocked |
| AdGuard : | Not blocked |
| Cloudflare : | Not blocked |
| ProtonDNS : | Not blocked |
| OpenBLD : | Blocked |
| DNS4EU : | Not blocked |
| Control D HaGeZi : | Not blocked |
| Firstseen: | 2023-07-25 18:08:06 UTC |
| Total malware sites : | 6 |
| Online malware sites : | 3 (50%) |
| Offline Malware sites : | 3 (50%) |
| Newest active malware site : | 2024-12-05 16:57:25 UTC |
| Oldest active malware site : | 2023-07-30 08:15:08 UTC (Age: 2 years, 10 months, 12 days, 11 hours, 0 minutes) |
| A record(s) observed : | 189 |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2024-12-05 16:57:24 | 104.18.36.19 | Not listed | AS13335 CLOUDFLARENET | n/a | yes | |
| 2024-12-05 16:57:24 | 172.64.151.237 | Not listed | AS13335 CLOUDFLARENET | n/a | yes | |
| 2023-09-21 21:58:21 | 104.18.4.145 | Not listed | AS13335 CLOUDFLARENET | n/a | no | |
| 2023-09-21 21:58:21 | 104.18.5.145 | Not listed | AS13335 CLOUDFLARENET | n/a | no | |
| 2023-10-31 21:02:31 | 34.160.55.240 | 240.55.160.34.bc.googleusercontent.com | Not listed | AS396982 GOOGLE-CLOUD-PLATFORM |  US | no |
| 2023-07-30 07:19:49 | 3.160.196.28 | server-3-160-196-28.mrs52.r.cloudfront.net | Not listed | AS16509 AMAZON-02 | US | no |
| 2023-07-30 07:19:47 | 3.160.196.31 | server-3-160-196-31.mrs52.r.cloudfront.net | Not listed | AS16509 AMAZON-02 | US | no |
| 2023-07-30 07:19:48 | 3.160.196.52 | server-3-160-196-52.mrs52.r.cloudfront.net | Not listed | AS16509 AMAZON-02 | US | no |
| 2023-07-30 07:19:48 | 3.160.196.73 | server-3-160-196-73.mrs52.r.cloudfront.net | Not listed | AS16509 AMAZON-02 | US | no |
| 2023-07-25 20:25:46 | 65.9.25.28 | server-65-9-25-28.zag50.r.cloudfront.net | Not listed | AS16509 AMAZON-02 | US | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2024-12-05 16:57:25 | https://cdn.pixelbin.io/v2/long-glade-33dc08/or... | Online | jpg-base64-loader trojan |  abus3reports |
| 2023-08-16 15:09:08 | https://cdn.pixelbin.io/v2/red-wildflower-1b0af... | Offline | AgentTesla  ascii |  abuse_ch |
| 2023-08-01 12:24:09 | https://cdn.pixelbin.io/v2/red-wildflower-1b0af... | Offline | ascii Encoded rat RevengeRAT | abuse_ch |
| 2023-08-01 06:25:14 | https://cdn.pixelbin.io/v2/plain-sunset-8e5d78/... | Online | jpg-base64-loader |  JAMESWT_MHT |
| 2023-07-30 08:15:08 | https://cdn.pixelbin.io/v2/long-glade-33dc08/or... | Online | AgentTesla jpg-base64-loader | abuse_ch |
| 2023-07-25 18:08:08 | https://cdn.pixelbin.io/v2/red-wildflower-1b0af... | Offline | abuse_ch |
The table below shows recent payloads delivery by this host.