URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry


Host: dfsgbhnjmnyhtbgrvfd.top
Domain registrar: NICENIC
Domain registration date: 2022-05-12 18:23:19 UTC
Abuse complaint sent to registrar: Yes (2022-05-22 06:06:02 UTC to support{at}nicenic[dot]net)
Domain registry: TOP registry
Abuse complaint sent to registry: Yes (2022-05-22 06:06:02 UTC to abuse{at}nic[dot]top)
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Control D HaGeZi: Not blocked
Firstseen: 2022-05-22 06:00:04 UTC
Total malware sites: 2
Online malware sites: 0 (0%)
Offline malware sites: 2 (100%)
A record(s) observed: 21

IP addresses


The table below shows all IP addresses observed for this particular host (if the host is a domain name, all A records are listed, including historical ones). Please note that the output is limited to 10 entries.

Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active?
2023-05-14 03:23:10 | 58.64.137.69 | | SBL676527 | AS17444 HKBNESL-AS-AP | HK | no
2022-08-04 13:41:42 | 34.152.60.101 | 101.60.152.34.bc.googleusercontent.com | Not listed | AS396982 GOOGLE-CLOUD-PLATFORM | CA | no
2022-07-21 02:54:30 | 34.65.90.34 | 34.90.65.34.bc.googleusercontent.com | Not listed | AS396982 GOOGLE-CLOUD-PLATFORM | CH | no
2022-07-17 00:29:53 | 195.22.152.185 | example.com | Not listed | AS47196 Garant-Park-Internet | RU | no
2022-07-14 11:04:12 | 34.175.64.49 | 49.64.175.34.bc.googleusercontent.com | Not listed | AS396982 GOOGLE-CLOUD-PLATFORM | ES | no
2022-07-14 09:38:49 | 109.107.180.41 | host-109-107-180-41.macloud.host | Not listed | AS48030 MIN-AS | RU | no
2022-07-11 12:52:54 | 34.95.164.34 | 34.164.95.34.bc.googleusercontent.com | Not listed | AS396982 GOOGLE-CLOUD-PLATFORM | BR | no
2022-06-27 20:27:23 | 34.154.108.245 | 245.108.154.34.bc.googleusercontent.com | Not listed | AS396982 GOOGLE-CLOUD-PLATFORM | IT | no
2022-06-22 18:57:39 | 34.118.102.24 | 24.102.118.34.bc.googleusercontent.com | Not listed | AS396982 GOOGLE-CLOUD-PLATFORM | PL | no
2022-06-22 18:45:31 | 109.107.182.26 | hosted-by.yeezyhost.net | Not listed | AS216024 KVMKA-COM | FI | no

Malware URLs


The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC) | URL | Status | Tags | Reporter
2022-05-22 06:40:05 | http://dfsgbhnjmnyhtbgrvfd.top/strong/top.exe | Offline | 32, exe, RecordBreaker, RedLineStealer | zbetcheckin
2022-05-22 06:00:06 | http://dfsgbhnjmnyhtbgrvfd.top/strong/mix.exe | Offline | 32, exe, RecordBreaker, RedLineStealer | zbetcheckin

The table below shows recent payloads delivered by this host.
