URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	crystalcoin.cc
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2023-03-02 12:38:04 UTC
Total malware sites :	18
Online malware sites :	0 (0%)
Offline Malware sites :	18 (100%)
A record(s) observed :	3

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-04-27 15:20:03	199.59.243.228		Not listed	AS16509 AMAZON-02	US	no
2023-07-19 19:42:05	34.98.99.30	30.99.98.34.bc.googleusercontent.com	Not listed	AS396982 GOOGLE-CLOUD-PLATFORM	US	no
2023-03-02 12:38:40	192.232.218.145	192-232-218-145.unifiedlayer.com	Not listed	AS46606 UNIFIEDLAYER-AS-1	US	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2023-03-14 19:00:12	https://crystalcoin.cc/scarica/	Offline	250255 7710 geofenced Gozi ISFB ITA redir-302 ursnif	abuse_ch
2023-03-14 18:59:54	https://crystalcoin.cc/agenzia/	Offline	250255 7710 geofenced Gozi ISFB ITA redir-302 ursnif	abuse_ch
2023-03-14 18:59:42	https://crystalcoin.cc/connect/	Offline	250255 7710 geofenced Gozi ISFB ITA redir-302 ursnif	abuse_ch
2023-03-10 09:14:11	https://crystalcoin.cc/scarica/Agenzia_Entrate.zip	Offline	7712 agenziaentrate geofenced Gozi ISFB ITA MEF MISE ursnif zip	abuse_ch
2023-03-08 10:08:11	https://crystalcoin.cc/scarica/cliente.zip	Offline	agenziaentrate Gozi ITA MEF MISE ursnif	JAMESWT_MHT
2023-03-08 10:08:10	https://crystalcoin.cc/scarica/azienda.zip	Offline	agenziaentrate Gozi ITA MEF MISE ursnif	JAMESWT_MHT
2023-03-08 10:08:10	https://crystalcoin.cc/scarica/AgenziaEntrate.zip	Offline	agenziaentrate Gozi ITA MEF MISE ursnif	JAMESWT_MHT
2023-03-08 10:08:10	https://crystalcoin.cc/scarica/impresa.zip	Offline	agenziaentrate Gozi ITA MEF MISE ursnif	JAMESWT_MHT
2023-03-08 10:08:10	https://crystalcoin.cc/scarica/Direzione.zip	Offline	agenziaentrate Gozi ITA MEF MISE ursnif	JAMESWT_MHT
2023-03-08 10:08:10	https://crystalcoin.cc/scarica/contratto.zip	Offline	7712 agenziaentrate Gozi ITA MEF MISE ursnif	JAMESWT_MHT
2023-03-06 18:17:10	https://crystalcoin.cc/mise/Funzioni.zip	Offline	Gozi ITA MEF MISE ursnif	JAMESWT_MHT
2023-03-06 14:38:09	https://crystalcoin.cc/mise/Normativa.zip	Offline	Gozi ITA MEF MISE ursnif	JAMESWT_MHT
2023-03-06 11:39:11	https://crystalcoin.cc/mise/Disposizioni.zip	Offline	Gozi ITA MEF MISE ursnif	JAMESWT_MHT
2023-03-06 11:39:11	https://crystalcoin.cc/mise/Gestione.zip	Offline	Gozi ITA MEF MISE ursnif	JAMESWT_MHT
2023-03-06 11:39:11	https://crystalcoin.cc/mise/Cliente.zip	Offline	Gozi ITA MEF MISE ursnif	JAMESWT_MHT
2023-03-06 11:39:10	https://crystalcoin.cc/mise/Servizi.zip	Offline	Gozi ITA MEF MISE ursnif	JAMESWT_MHT
2023-03-06 11:39:10	https://crystalcoin.cc/mise/Contratto.zip	Offline	Gozi ITA MEF MISE ursnif	JAMESWT_MHT
2023-03-02 12:38:40	https://crystalcoin.cc/impresa/Agenzia_Entrate.zip	Offline	agenziaentrate BIG Gozi ITA malware stealer	JAMESWT_MHT

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2023-03-10 09:14:11	1f233fdb94239fa884321a91d14342c1a66e64ce02dc64378cb7c53669d5ea28	zip	Gozi
2023-03-08 10:08:11	6a11b49472e5ea497098f11ab66bde3fb6fa1a6762b73cf08f1dfa83efae22e6	zip	Gozi
2023-03-08 10:08:10	120b092e8d8212a7c0e796ac320dd10c56c8b801aa8fb234cb577d5f0dabc05c	zip	Gozi
2023-03-08 10:08:10	b57e90f3f5326920735a5ebc884b4ad1b28e97b48bba4615ab6e7092ea386bd2	zip	Gozi
2023-03-08 10:08:10	29547f7ced48000841e1ee6e5da03bcfb21722d9e60687356ab2d1e000733f21	zip	Gozi
2023-03-08 10:08:10	b883d0faf8a9f2396a311b6005ab68073ff0e6a09cafbdc7b58a8439d52409a1	zip	Gozi
2023-03-08 10:08:10	0284ebc8b81dd2894fbdb7ca298d1c2c85c41630b9b9ab99aed51aec86073aae	zip	Gozi
2023-03-06 18:17:10	fac31a8e978c8f3b5765ae8a2a03aec1fd2dde3ddade6d7c92d2d077d058d803	zip
2023-03-06 14:38:09	57befac41319e7e1fc9d6cd5637240fa766bdbc562d7720bb04beee36113ae10	zip
2023-03-06 11:39:11	d7bb5c90b0336b6351ec64ecb11cfc7feefc2d293bc19df6cbe83e0f57324bc5	zip	Gozi
2023-03-06 11:39:10	6af28eb96fe081e131079417fab6b8d4a6460a2cb6e532c14af45e1531d796b1	zip	Gozi
2023-03-06 11:39:10	40570e998a0f16239e1587de3812da51f58a972d21685f1a90c69282645a46b4	zip	Gozi
2023-03-06 11:39:10	33db5b2a2cc592fd10c65ba38396e4c7574ad78e786d78e8a3acdc93a90c3209	zip	Gozi
2023-03-06 11:39:10	41c1cad44c0a9aa37b33ff2269ab3232a4efcb34c21234f1b773eb5a53289c5c	zip	Gozi
2023-03-02 15:42:50	f52c313277246ccd81420797967aff0a7353fe0f6badc77817e842120072efbd	zip	Gozi
2023-03-02 12:38:34	cfe6b53554aaf19a2adf3a64ac5133705d6529396de72a80f88a9446ed5ccc6f	zip	Gozi