URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	cynorix.com
Domain registrar:	Squarespace
Domain registration date:	2018-11-12 01:48:39 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2023-11-22 22:50:06 UTC
Total malware sites :	1
A record(s) observed :	2

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-08-02 06:24:32	66.102.133.110	sh-cp17.yyz2.servername.online	Not listed	AS40092 ONIAAS	CA	yes
2023-11-22 22:50:10	64.34.75.145	hp315.hostpapa.com	Not listed	AS13768 COGECO-PEER1	CA	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2023-11-22 22:50:10	http://cynorix.com/netTimer.exe	Offline	AgentTesla dropped-by-PrivateLoader njRAT Phonk	andretavare5

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2023-12-20 10:41:40	8bc0ba263542eae45e77d3afe10718324a0f3ca61cd6995309f81e93d5639f29	exe		Phonk
2023-12-17 16:17:51	67c9e7e65b92b06d35146dd9e895cff8aba6914b19499dc6de9144bf0c17c3c2	exe
2023-12-16 14:56:11	37a1bf9b3ac3853e6a7d70c2bd7050f88117378c63d8e94c0cf7d4fd8ad67396	exe		Phonk
2023-12-14 15:07:57	530d483aea51d161151b66fd42a86a5dc44db87a4b5640183c3effe6286533f3	exe
2023-12-12 08:25:51	66859748469fd2a38ed41c31d23c5af44c86792c58f943cb2be6891637fd3314	exe		njrat
2023-12-11 08:04:59	ee9386158971feeef97366397c2edc80f9419f8efa4ee174c996d6a3661723e3	exe		njrat
2023-12-09 08:30:17	0935077c48020cded9538925a4ed667ec0cb228a9eb77dbd7bca98eec45dbe4c	exe		njrat
2023-12-08 12:09:10	7229c22dfd34e71d0b66b8b8114a5241d34a4a96e231eed3aab50b6ff0dbce26	exe		Phonk
2023-12-07 08:25:57	9bbaf4cf4269a265ae7a9b5574741b771bfb444d299198e0962827a47ec9aa2b	exe		Phonk
2023-12-06 10:36:21	e4502034c8c9f54e1164c27a004178a7dd63cfac8c2f8811476aeef0a15b0697	exe		AgentTesla
2023-12-05 10:44:35	2af00f3896464c393ce7f3e22317856155c2532c0c87a911703d1feedd242120	exe		Phonk
2023-12-04 12:13:17	d24be360ddb8ea8b74ccf513c139dcfa56eda3f156b3c5eafd469876a546d383	exe		Phonk
2023-12-01 09:04:54	4991ad7da11f0a8fa7b06ba980a38c53dcdd188f4f81ff2eb532399df39fea00	exe		AgentTesla
2023-11-30 10:06:53	8bd14d2df867a0163651188bcf79b801d3dc683d2797840c5822b6fbf996ba76	exe		Phonk
2023-11-29 09:15:18	48445024105791ab8b37eb5292e8fbccd1c32896a0f91185d9981f3c8e636e39	exe		AgentTesla
2023-11-28 19:59:58	d6a97630bdf41188120a543b8faab162ca5abf0ebf9651223a0f8dcd75f3e118	exe		Phonk
2023-11-28 07:09:14	0aec7e0749d1c1c975ddcfcaea469789b79e717e8715c14f204d680fd340fb32	exe
2023-11-27 12:14:58	bfd23b8d4186146b217f7ea98bfab2eb73ea46d4316d0eb41ffbd374718dfc6c	exe		Phonk
2023-11-26 20:42:41	b4b63cff8a641f25803ccc47f679132870ea27ebed3bdc75bf847b732a0b90b4	exe		Phonk
2023-11-25 09:46:48	f4a9c54fcfd61cbb3e3e46332f3af3a29b70d4ef2090eeb8e338924e2cf5a762	exe		Phonk
2023-11-24 10:37:34	1f3b7a5b5dcad705398697e8cf460beab8a73d05d299a6dbbebe96f10b8a00b1	exe		Phonk
2023-11-23 08:44:59	3c47f28be9b0985a64ec458337ff217346a69d670cdc582f6813f32e8d75ed52	exe		Phonk
2023-11-22 22:50:09	52561ff3d9b1ecac75cbdfb406992f710551148dd79ee5e5370efde2e9cdfa82	exe		Phonk