URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	ekuqap10.top
Domain registrar:	NICENIC
Domain registration date:	2021-12-06 08:42:12 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2021-12-19 08:58:09 UTC
Total malware sites :	1
A record(s) observed :	3

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2021-12-20 09:38:08	45.141.102.1	ptr.ruvds.com	Not listed	AS48347 MTW-AS	RU	no
2021-12-20 08:31:55	93.189.42.182		Not listed	AS41853 NTCOM-AS	RU	no
2021-12-19 08:58:11	194.87.185.2		Not listed	AS58061 SCALAXY-AS	CZ	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2021-12-19 08:58:11	http://ekuqap10.top/downfiles/gallah.exe	Offline	32 exe	zbetcheckin

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2021-12-19 17:53:18	31eb4eec08c93c2770affd600e010182855e63322fba278afede89816faff6aa	exe
2021-12-19 11:59:41	f4889a3b066fb61c8df967ceb0ef0e0157dd5a3ef65feb328e30a186a5c3c1e8	exe
2021-12-19 08:58:11	32ecdeb650c1a54310c61847b3c86732290a4df1b51e95238868555e144ca9a6	exe