URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	covid19help.top
Domain registrar:	NameSilo
Domain registration date:	2024-02-09 08:27:47 UTC
Abuse complaint sent to registrar:	Yes (2024-05-11 07:29:49 UTC to abuse{at}namesilo[dot]com)
Domain registry:	TOP registry
Abuse complaint sent to registry:	Yes (2024-05-11 07:29:49 UTC to abuse{at}nic[dot]top)
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Status unknown
Cloudflare :	Blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2024-03-25 04:15:12 UTC
Total malware sites :	47
Online malware sites :	0 (0%)
Offline Malware sites :	47 (100%)
A record(s) observed :	2

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2024-03-25 04:15:14	104.21.83.128		Not listed	AS13335 CLOUDFLARENET	n/a	no
2024-03-25 04:15:15	172.67.175.222		Not listed	AS13335 CLOUDFLARENET	n/a	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2024-07-15 13:00:11	https://covid19help.top/mano.doc	Offline	AgentTesla doc	NDA0E
2024-07-15 13:00:11	https://covid19help.top/mano.scr	Offline	AgentTesla exe scr	NDA0E
2024-07-15 12:57:07	https://covid19help.top/nick.scr	Offline	AgentTesla exe scr	NDA0E
2024-07-15 12:57:07	https://covid19help.top/nick.doc	Offline	AgentTesla doc	NDA0E
2024-06-28 13:15:09	https://covid19help.top/roth.doc	Offline	RTF	zbetcheckin
2024-06-28 06:53:04	https://covid19help.top/loudb.doc	Offline	RTF	zbetcheckin
2024-06-28 06:47:05	https://covid19help.top/damian.doc	Offline	RTF	zbetcheckin
2024-06-28 04:31:11	https://covid19help.top/wordpad.exe	Offline	32 exe RedLineStealer	zbetcheckin
2024-06-28 03:49:05	https://covid19help.top/obizz.doc	Offline	Formbook RTF	zbetcheckin
2024-06-27 07:19:06	https://covid19help.top/alphazxv.scr	Offline	exe Loki	abuse_ch
2024-06-19 11:48:07	https://covid19help.top/alpha.scr	Offline	doc exe Loki	abuse_ch
2024-06-19 11:48:07	https://covid19help.top/alpha.doc	Offline	doc Loki	abuse_ch
2024-06-14 07:00:11	https://covid19help.top/hecto.scr	Offline	AgentTesla exe	abuse_ch
2024-06-14 06:58:06	https://covid19help.top/rothc.scr	Offline	exe Formbook	abuse_ch
2024-06-14 05:26:07	https://covid19help.top/hecto.doc	Offline	AgentTesla RTF	zbetcheckin
2024-06-14 04:41:05	https://covid19help.top/damiano.doc	Offline	RTF	zbetcheckin
2024-06-14 03:54:05	https://covid19help.top/looud.doc	Offline	RTF	zbetcheckin
2024-06-14 03:44:04	https://covid19help.top/rothc.doc	Offline	Formbook RTF	zbetcheckin
2024-06-13 10:53:07	https://covid19help.top/sharo.scr	Offline	exe Formbook	abuse_ch
2024-06-13 10:53:07	https://covid19help.top/sharo.doc	Offline	doc Formbook	abuse_ch
2024-06-04 04:33:06	https://covid19help.top/obiz.scr	Offline	32 AgentTesla exe	zbetcheckin
2024-06-03 13:49:09	https://covid19help.top/ocean.scr	Offline	remcos RemcosRAT	James_inthe_box
2024-05-30 06:45:08	https://covid19help.top/GOtm.exe	Offline	DBatLoader exe	abuse_ch
2024-05-28 10:50:08	https://covid19help.top/loudzx.exe	Offline	exe Loki	abuse_ch
2024-05-22 19:07:09	https://covid19help.top/loud.scr	Offline	exe Formbook	abuse_ch
2024-05-22 18:19:08	https://covid19help.top/sharon.scr	Offline	exe Loki	abuse_ch
2024-05-21 03:37:09	https://covid19help.top/findbin.scr	Offline	exe Formbook	abuse_ch
2024-05-21 03:15:08	https://covid19help.top/elchap.scr	Offline	exe Loki	abuse_ch
2024-05-20 10:59:06	https://covid19help.top/pyramidzx.scr	Offline	Loki lokibot	Cryptolaemus1
2024-05-18 17:47:05	https://covid19help.top/shar.scr	Offline	exe	abuse_ch
2024-05-16 15:53:06	https://covid19help.top/loudd.scr	Offline	exe Loki	abuse_ch
2024-05-14 07:45:10	https://covid19help.top/fpeace.scr	Offline	exe Formbook	abuse_ch
2024-05-11 07:24:06	https://covid19help.top/xplugzx.scr	Offline	AgentTesla exe	abuse_ch
2024-05-01 04:58:03	https://covid19help.top/SAMM.exe	Offline	64 exe RemcosRAT	zbetcheckin
2024-04-30 13:50:07	https://covid19help.top/op.scr	Offline	Formbook	James_inthe_box
2024-04-23 06:09:04	https://covid19help.top/prosp.scr	Offline	exe	abuse_ch
2024-04-18 19:10:16	https://covid19help.top/0pORecqxeDazSCU.scr	Offline	exe Formbook	abuse_ch
2024-04-18 10:16:14	https://covid19help.top/MmxW3NwsZw7f1zs.scr	Offline	AgentTesla exe Formbook	abuse_ch
2024-04-18 08:53:06	https://covid19help.top/JBNvj66BwYU3yCv.scr	Offline	AgentTesla exe Formbook	abuse_ch
2024-04-18 08:53:04	https://covid19help.top/Transfusionist.vbs	Offline	AgentTesla vbs	abuse_ch
2024-04-17 03:35:12	https://covid19help.top/xobizx.doc	Offline	AgentTesla RTF	zbetcheckin
2024-04-16 08:08:08	https://covid19help.top/xobizx.scr	Offline	AgentTesla exe	abuse_ch
2024-04-12 12:31:05	http://covid19help.top/pdtzx.scr	Offline		e24111111111111
2024-04-10 08:56:06	https://covid19help.top/pdtzx.scr	Offline	RemcosRAT	Cryptolaemus1
2024-03-26 12:55:12	https://covid19help.top/admzx.scr	Offline	exe rat RemcosRAT	abuse_ch
2024-03-26 06:17:07	https://covid19help.top/arinze20.doc	Offline	RTF	zbetcheckin
2024-03-25 04:15:15	https://covid19help.top/microzx.doc	Offline	AgentTesla RTF	zbetcheckin

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2024-07-15 13:00:11	8476a825dc9701da17a29bb46f56ae2b2bee74facc586b3357ee3627ffa83fd5	rtf	AgentTesla
2024-07-15 13:00:11	39739a45c3ad08076c372e156455159af07b99eccacd6ac7c21c273a1a7c48d3	exe	AgentTesla
2024-07-15 12:57:07	05da9848e44274f32cf592fb476550dedcea2477d9ae2cce3dbf8c20c04cf188	exe	AgentTesla
2024-07-15 12:57:07	50db4947b7b376e1dcf502a704bd87dbbc7a04959720f5c2b9390d171cef240c	rtf	AgentTesla
2024-06-29 06:25:32	ed8e464b52a9d62400ba9b9e39fa37555e4b0db548487f56a5ea89b7bdcf9648	rtf	Formbook
2024-06-29 02:34:35	579a4b676b32f4b2af28babb7d0c7c3f04db59d5437341fa918cc38236d14c6b	rtf
2024-06-28 08:37:57	562f0bcc88b30a19f309f2cec7288ef29faa53d2b9d33a52f964f2e3b09324e5	exe	Loki
2024-06-28 08:08:29	688ade2a84dc563da3868c853dc6df1150d07ba094f0e6ee0eff9cb6b3faf938	rtf
2024-06-28 07:53:18	efff613131542c9c4e4acd46ca0057891ccfe65b243149224d3fc7ccd3374743	rtf
2024-06-28 05:52:33	a591d3d035cf90395ad1078a415a46b5b44dd813496291b702fe36cfb22dee36	exe	RedLineStealer
2024-06-27 10:46:05	3b253bddd8e49b0353b44254fdc82c53c1614f5c2d09e2fde95698ad3a7815a0	exe	Loki
2024-06-27 07:19:06	3e413cd70e1b19e81efe9c6560834b9dfc7da53a57e2070e4b1e9864702c3e92	exe	Loki
2024-06-19 11:48:07	4c6f70966e8252fa390e9cd62fd382e6cded38f3334790f0d57f8ee87a229829	rtf	Loki
2024-06-19 11:48:07	98e1aa492f377611e489361fbcf1fced75fe6c9028a214aeba35fa7ac577790b	exe	Loki
2024-06-15 14:54:41	937081feb5a92bd12a4dd14da3180bbf029bd4ccc537f2d7c15617bd65960478	rtf
2024-06-14 15:20:45	65fd79f4a61c2f5c2d97b5833e6a1a64ca712ceed932f8c864c6dfaca127ae99	rtf
2024-06-14 07:00:11	76ef6a87b0778c794c0273fa7e969754d3cb9dc5d9fcf5a1f442d9d1dad076d5	exe	AgentTesla
2024-06-14 06:58:06	bd8057af228eb7494ff3b6988f70a9785c4e686caaf3a2bcf641b3f02c101567	exe	Formbook
2024-06-14 05:50:08	e7fbf7f26036835b915a585e0305acbac48110325986af3d293566be7bb551f2	rtf	AgentTesla
2024-06-14 04:27:36	33046dea626595f2473070279af119a969c0d00495bc0a6472f29630f0764fca	rtf	Formbook
2024-06-13 10:53:07	ac61066997c1ed196dc3311c32afc2507ec5e97c46242b12871dcec8b558e040	exe	Formbook
2024-06-13 10:53:07	d397ebd8812626c3fc3a0304a0ba03b21539dc26bfa2ad14ba67c951dabb9ff4	rtf	Formbook
2024-06-04 08:01:41	5b392e8ed59cba47d55e9c6416c9be310c48e0cf432ac8da77a17513102f3d9d	exe	AgentTesla
2024-06-03 13:49:09	c4dd9ec83dc0b304101fa6b2f37d93aae8921bab88ca6e49a6a8eb18d390ed79	exe	RemcosRAT
2024-05-30 09:10:27	11081aad115a298645c29fc92de0383902fee4e64994f4681619b0dff485f179	exe	DBatLoader
2024-05-28 11:10:58	65da12f7054daf4f9ec5851d5f53c9ef184c8b2ea2046d0904004583bb658042	exe	Loki
2024-05-22 19:07:08	e224a25d4418ec2453cb3287fe13416b6a672de61f60341c77271fbb33870a55	exe	Formbook
2024-05-22 18:19:08	4f28d09d883b746ee2ea52b8e86881ee6f11057fc976c7b085c44092b7fae87a	exe	Loki
2024-05-21 03:59:29	054ed8f0ce27a64eb8c1e0b9ad040ce4e90eed29e386130233d2e82d2564769a	exe	Loki
2024-05-21 03:37:09	8e68d12aa3dbfabcfc25976e7c1d441121e22b3b0c06c500f03cb6af35ee4ed2	exe	Formbook
2024-05-20 10:59:06	eb6d3ace662019bd56815df63efce445a2f9357ca21a187517e11d8a7dd022d7	exe	Loki
2024-05-16 15:53:06	12f0fb53c3eda4a327523a3ad52ebfea151b7b3d88523c8624905af43ea781a9	exe	Loki
2024-05-14 07:45:10	46bbd8bfd207c958a5a695daefff47cd021898dd248d13c1a0e8b0dbc8466c2a	exe	Formbook
2024-05-11 07:24:06	ad69e7f10266ceca6bf4a854570ab0c4017bd35ed8d63499f7567b393d2dc410	exe	AgentTesla
2024-05-01 05:17:30	f3050a3a335d79e31e55dcc7da2da1a672593433058cbb3e325dde599cc11b1c	exe	RemcosRAT
2024-04-30 14:13:21	b71e3904bb555c207012bc86a6176c800490529c0976e2933351c593adc5afc6	exe	Formbook
2024-04-18 19:10:16	27f8fe9e4c2cf7bedf462a311aaf91698fb375f7002cdb3b290e872b6a27768c	exe	Formbook
2024-04-18 10:16:14	0dbab91308f11720f979f402adf1d6c4e2d575a9fa5e0f4d30f550e7010f35ce	exe	Formbook
2024-04-18 08:53:06	f2664bdfd035d146843f1575528eb9694a98b32f99488058a0e04885ad62e9c2	exe	Formbook
2024-04-17 22:37:02	a79ed53396570071a97528394a3a3b33a95efa65823e42cf2b17aeca682336ab	exe	AgentTesla
2024-04-17 17:14:20	b640b0a3f1e8fd2dd2adc3ec32fb2d41de0f7622306335cb96587c6997f664a8	exe	AgentTesla
2024-04-17 03:35:10	d03bb14b3852574a34043130102a04235da51cc6ccef5f9204df2d671e840c1d	rtf	AgentTesla
2024-04-16 08:08:08	1902f939a74f649682dc0d484b6b101b855de2053cd6a74535db49697aef4c1f	exe	AgentTesla
2024-04-10 16:28:18	9942af44037bcfef5830dd71011bbd6ecc4c79c8bc1e62018eadc3ea4012e38a	exe	RemcosRAT
2024-04-10 13:31:10	26c67e8d0cbc1b01492b1efa668e9d88f1a40ecf0db2084407eaf183614d8abb	exe	RemcosRAT
2024-04-10 08:56:06	2320bdd2ef439c3c079ecf8c1c89ff9e8d2c20ed47f459c29186b00c476fa7d4	exe	RemcosRAT
2024-03-26 12:55:11	f2fe3aa0d244d7f17610042ee41aaa3eff40b1a349b43f317ff92f6ec5b7608e	exe	RemcosRAT
2024-03-26 06:17:06	aa12ffc8ffa7fca764d475110506d3e32ea4d8a4c2f7108d1bd711a0676f408d	rtf
2024-03-25 04:15:14	549efc26b767eb73d03d661fc2234dff23a0de9198b84103ef6b20e286af04d3	rtf	AgentTesla