URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	dc541.4sync.com
Domain registrar:	GoDaddy
Domain registration date:	2000-06-05 20:38:38 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2023-02-01 13:45:06 UTC
Total malware sites :	9
Online malware sites :	0 (0%)
Offline Malware sites :	9 (100%)
A record(s) observed :	1

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2023-02-01 13:45:14	204.155.145.55		Not listed	AS40824 WZ-US-40824	US	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2024-12-12 06:43:07	http://dc541.4sync.com/download/HRfK298F/Virus_...	Offline	njRAT	abus3reports
2024-12-11 12:24:05	http://dc541.4sync.com/download/HRfK298F/Virus_...	Offline	njRAT	lontze7
2023-02-02 16:11:12	https://dc541.4sync.com/download/tNU3UTeE/light...	Offline	FakeBat Lightshot msi	lazyactivist192
2023-02-02 16:09:12	https://dc541.4sync.com/download/v6VPdorJ/cpu-z...	Offline	CPUZ FakeBat msi	lazyactivist192
2023-02-02 16:08:13	https://dc541.4sync.com/download/UADqm6QL/cryst...	Offline	CrystalDiskInfo FakeBat msi	lazyactivist192
2023-02-02 16:02:15	https://dc541.4sync.com/download/LBUGD--P/AIDA_...	Offline	Aida64 FakeBat msi	lazyactivist192
2023-02-02 16:01:21	https://dc541.4sync.com/download/cg0b3txa/gpg4w...	Offline	FakeBat GPG4Win msi	lazyactivist192
2023-02-02 16:00:18	https://dc541.4sync.com/download/VejRhLru/ultra...	Offline	FakeBat msi UltraISO	lazyactivist192
2023-02-01 13:45:14	https://dc541.4sync.com/download/aAtfTl49/cpu-z...	Offline	CPUZ FakeBat msi	lazyactivist192

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2024-12-12 06:43:07	af9b13f209cb3854e56e139f4059ae664702e7d4d9ef61908d42492c1ecfdf00	exe	njrat
2024-12-11 12:24:05	af9b13f209cb3854e56e139f4059ae664702e7d4d9ef61908d42492c1ecfdf00	exe	njrat
2023-02-04 17:42:51	fc4f87aac68a7826d0d391e98a2b14d4259814b661277c7b5c9265956f5e29c3	msi
2023-02-02 16:11:12	f516ee82660137a6d56f460e85a14f041eb56ffbf14c1d54d614fca5cfe5dcd0	msi
2023-02-02 16:09:12	c6e79473526e0c70389c7cf6c31987ef23cd59b4012b614dcb545d085118ef80	msi
2023-02-02 16:08:13	336730c99affb33befc42729db6448ee8b6bdb07657fb49d301915f8c2c6b2c2	msi
2023-02-02 16:02:15	caa880e7820c1605ae509cb9f5e564037fdbda6da9b9b29f65fbc9bd8b3802d8	msi
2023-02-02 16:01:21	fc9171498a9a5ce1b209b6181e54abc81c93111d2c5e441aaa8c9fcd9aca43e9	msi
2023-02-02 16:00:17	f8a558b5018b7731d5a4d458fcf047b58748fc0fec8aca8ae177dc0f1bc9d47b	msi
2023-02-01 13:45:08	a274e2ade352ec745e33f63b958d287e29c3cd01de5bfe3a1fc34db144b5c8f8	msi