URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (when the malware URL is hosted directly on an IP address and does not use a domain name).

Database Entry


Host: dwefrgtrfedw.top
Domain registrar: NICENIC
Domain registration date: 2022-04-11 13:16:02 UTC
Abuse complaint sent to registrar: Yes (2022-04-15 06:56:01 UTC to support{at}nicenic[dot]net)
Domain registry: TOP registry
Abuse complaint sent to registry: Yes (2022-04-15 06:56:02 UTC to abuse{at}nic[dot]top)
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Blocked
ProtonDNS: Status unknown
OpenBLD: Blocked
DNS4EU: Not blocked
Control D HaGeZi: Not blocked
Firstseen: 2022-04-15 06:53:03 UTC
Total malware sites: 2
Online malware sites: 0 (0%)
Offline malware sites: 2 (100%)
A record(s) observed: 118

IP addresses


The table below shows all IP addresses observed for this particular host (if the host is a domain name, all A records are listed, including all historical ones). Please note that the output is limited to 10 entries.


Malware URLs


The table below shows all malware URLs that are associated with this particular host.

| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2022-04-15 06:53:07 | http://dwefrgtrfedw.top/strong/top.exe | Offline | exe opendir RedLineStealer ext | abuse_ch |
| 2022-04-15 06:53:06 | http://dwefrgtrfedw.top/strong/mix.exe | Offline | exe opendir RedLineStealer ext | abuse_ch |

The table below shows recent payloads delivered by this host.
