URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	exatty.tk
Domain registrar:	Freenom
Abuse complaint sent?:	Yes (2023-06-13 17:55:02 UTC to abuse{at}freenom[dot]com)
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2023-06-13 17:52:20 UTC
Total malware sites :	1
A record(s) observed :	1

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2023-06-13 17:52:29	51.222.236.28	ip28.ip-51-222-236.net	Not listed	AS16276 OVH	CA	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2023-06-13 17:52:29	https://exatty.tk/riua/	Offline	BB32 geofenced js Qakbot Quakbot USA	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2023-06-15 15:33:08	326be5c58520c906bba06a8de7d5e507c5eca83c4bf147255e95130f60e4a1a2	zip		Quakbot
2023-06-15 14:00:57	7884a9dca552c57d5dba6c3f1d4aafa47c2c625635f6f7e178310db60d513a50	zip		Quakbot
2023-06-15 07:19:54	8eeb087f7353715dd9af4851db6dcf360021dbcb5e51acb66d4a9100d8cd1017	js		Quakbot
2023-06-15 01:59:32	935ddc7d61fd41e0485a3888528cccedfe25e895f5caee28bf3685266eaef591	js		Quakbot
2023-06-14 13:37:27	78616d272dc4a0e6551bf78f5a5831e50cdc3d78458bb4e847bb5b9ed87e0e42	js		Quakbot
2023-06-14 12:19:10	d0ec84ab8535c114cc4f86dda3de09be9b9024a1e885cf39f2c85e897b5ad032	zip
2023-06-14 12:10:33	88465424fbdc4898dfe968c6a6e29600a5df75c3b57db64901fc6c4f0e1a58f1	zip		Quakbot
2023-06-14 10:58:38	8df16fca30d8b869bb2e5a4aa460ff419a1db0317a1b80e8daafa61cdbb32c0c	js
2023-06-14 09:05:00	67076bab342d29b913071be1cd29b60d1800fda7c0f4379f8f5adfb4e3b6f0ce	js		Quakbot
2023-06-14 08:28:33	2c0eb730bf95ed68473c18275de6e8fa29ca3e48e96a78a75ac8b1126fc3d6be	js		Quakbot
2023-06-14 07:28:53	b3f319873c5725e147f657b1f6e5219839ddddbf4a52be4a13767e871a3995a4	js		Quakbot
2023-06-14 06:55:11	c3587cdc8025c487b6963262ff80c62e898a52c295defc01e5fc4056a10d7fcc	js		Quakbot
2023-06-14 04:50:07	1e1217449d7d999b39a1c6d11b8e22e7e5b66cea10f423c322f9f1072e178a7e	js		Quakbot
2023-06-14 03:55:28	1d5987017ad620b3a02294aa2012ee88929b0de6562a00bdd17e5faa0a9461d1	js		Quakbot
2023-06-14 03:36:19	9df95efbc4e258fa1d2b4b3bb15abaebd1044a1c52aaaf506457523a40fe9a13	js
2023-06-14 02:37:15	9188f52e0786097d39407a4a95da624c737a2482bf2c891f9082d21e61f2e5ea	js		Quakbot
2023-06-14 01:58:00	224cde5d40c057cb06344feb844c2ec18762ea9970111b5ae50d4a66fcb438a8	js		Quakbot
2023-06-14 00:03:41	25ae3e1501445de4378eafc511e7ccc1ce8097bf4ca20e7faa59afb364c3b236	js		Quakbot
2023-06-13 22:40:26	39a742588af367f30c7bf2a1427b3fae0c2538272168039d5ff104802ee49bfc	js		Quakbot
2023-06-13 21:42:40	71085c763c95e9c210e090f96ac8540db019a10b589407c7f73d3c62615b07c9	js		Quakbot
2023-06-13 21:23:00	7229a67d0b9de46809d0fbde394a198b54a9d449a20c2ebe7d26f7e695b881e3	js		Quakbot
2023-06-13 19:39:32	f412d0859a20458bbe6a93522013b96874a90622d86350dab02103f4484f0290	js
2023-06-13 17:52:23	bbfb0ba41ca93c14c1ce9a65464fbee472fb0f2eab52dc47eac07d2ff59ed4b2	js		Quakbot