URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | fbi.fund |
|---|---|
| Domain registrar: | Tucows  |
| Domain registration date: | 2021-05-22 17:28:46 UTC |
| Spamhaus DBL : | Not blocked |
| SURBL : | Not blocked |
| Quad9 : | Not blocked |
| AdGuard : | Not blocked |
| Cloudflare : | Blocked |
| ProtonDNS : | Not blocked |
| OpenBLD : | Not blocked |
| DNS4EU : | Blocked |
| Control D HaGeZi : | Not blocked |
| Firstseen: | 2021-10-12 23:37:03 UTC |
| Total malware sites : | 2 |
| Online malware sites : | 0 (0%) |
| Offline Malware sites : | 2 (100%) |
| A record(s) observed : | 16 |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2025-11-16 20:59:06 | 195.201.128.179 | static.179.128.201.195.clients.your-server.de | Not listed | AS24940 HETZNER-AS |  DE | yes |
| 2025-11-16 10:03:57 | 5.161.47.86 | static.86.47.161.5.clients.your-server.de | Not listed | AS213230 HETZNER-CLOUD2-AS |  US | yes |
| 2025-11-20 16:32:21 | 5.78.156.59 | static.59.156.78.5.clients.your-server.de | Not listed | AS212317 HETZNER-CLOUD3-AS | US | yes |
| 2025-07-31 07:15:47 | 76.223.91.20 | ad988eeb126877ff9.awsglobalaccelerator.com | Not listed | AS16509 AMAZON-02 | US | yes |
| 2025-11-22 03:59:47 | 154.12.233.103 | vmi2921617.contaboserver.net | Not listed | AS40021 CONTABO-40021 | US | no |
| 2025-11-16 10:03:57 | 46.62.128.205 | static.205.128.62.46.clients.your-server.de | Not listed | AS24940 HETZNER-AS |  FI | no |
| 2025-11-22 03:59:47 | 185.217.127.20 | vmi2921626.contaboserver.net | Not listed | AS51167 CONTABO |  FR | no |
| 2025-11-16 10:03:57 | 5.78.153.186 | static.186.153.78.5.clients.your-server.de | Not listed | AS212317 HETZNER-CLOUD3-AS | US | no |
| 2025-07-31 07:15:47 | 166.117.68.124 | Not listed | AS16509 AMAZON-02 | US | no | |
| 2025-06-19 01:28:40 | 199.59.243.228 | Not listed | AS16509 AMAZON-02 | US | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2021-10-14 01:21:03 | http://fbi.fund/dark.1.27.exe | Offline | 32 exe |  zbetcheckin |
| 2021-10-12 23:37:04 | http://fbi.fund/tortillas/tortilla.exe | Offline | 32 exe | zbetcheckin |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2021-10-16 10:50:11 | 0994c1fc7f66f88eead2091f31a2137f69d08c3cf9ee0f4a15a842f54253c9d9 | exe | ||
| 2021-10-12 23:37:04 | 08d799cc27063bc7969ae935ca171b518d0b41b1feaa9775bae06bd319291b41 | exe |