URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: dfcf.91756.cn
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Blocked
ProtonDNS :Not blocked
OpenBLD :Blocked
DNS4EU :Blocked
Control D HaGeZi :Blocked
Firstseen:2019-01-29 19:41:01 UTC
Total malware sites :1
A record(s) observed :2

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2019-01-29 19:41:09 211.144.33.238Not listedAS9811 DRCSCNET- CNyes
2022-05-27 00:54:06 47.91.170.222Not listedAS45102 ALIBABA-CN-NET- HKno

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2019-01-29 19:41:09http://dfcf.91756.cn/plugin/iasetup.exeOfflineexe zbetcheckin

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2021-08-04 00:48:1565e407c2f523d44a736565ac3ad7dc38e13a63b072d12da6e0319d4d82f2b504exe  
2021-07-05 09:22:19e331b9267ee75649fd057ebf9aeab4f3ad2883210246ab92afe348435cfd4fbaexe  
2020-12-31 19:00:390b4a40aa05c2c778b0fdda418d8258304f039a73d1a661f203158432c33a9b9eexe  
2020-06-06 19:00:201d89257ffd86de232c7a5b4dbfee57287c56e0149c3d61207f2ff47498639bf2exe  
2020-04-16 14:47:25f60f5a459973a66e3859cf38fd69f411ee31a288270e99e28086d80e2f4952b7exe  
2019-08-03 19:00:3637980de72201bdaa8a4c6a0d44bc833b9f004e10a2391c87cabd1134579f6556exe  
2019-01-29 19:41:0865c1d6ac581446d3e242def64455c75697136add0d1780325f2269307478189bexe