URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	file.garden
Domain registrar:	Cloudflare
Domain registration date:	2022-02-15 12:12:51 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2023-12-20 12:45:07 UTC
Total malware sites :	7
Online malware sites :	0 (0%)
Offline Malware sites :	7 (100%)
A record(s) observed :	16

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	SBL	ASN	Country	Active?
2023-12-20 12:45:07	188.114.96.3	SBL690066	AS13335 CLOUDFLARENET	n/a	yes
2023-12-20 12:45:07	188.114.97.3	SBL691350	AS13335 CLOUDFLARENET	n/a	yes
2025-11-05 04:29:07	188.114.96.12	SBL687667	AS13335 CLOUDFLARENET	n/a	no
2025-11-05 04:29:07	188.114.97.12	Not listed	AS13335 CLOUDFLARENET	n/a	no
2024-12-10 04:49:26	104.21.48.1	Not listed	AS13335 CLOUDFLARENET	n/a	no
2024-12-10 04:49:25	104.21.112.1	Not listed	AS13335 CLOUDFLARENET	n/a	no
2024-12-10 04:49:25	104.21.16.1	Not listed	AS13335 CLOUDFLARENET	n/a	no
2024-12-10 04:49:25	104.21.32.1	Not listed	AS13335 CLOUDFLARENET	n/a	no
2024-12-10 04:49:25	104.21.64.1	Not listed	AS13335 CLOUDFLARENET	n/a	no
2024-12-10 04:49:25	104.21.80.1	Not listed	AS13335 CLOUDFLARENET	n/a	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2026-02-28 14:27:10	https://file.garden/aUviSvysUw5ANn2A/Ptar.png	Offline	lnk opendir PureHVNC vbs WsgiDAV	DaveLikesMalwre
2025-12-25 14:39:06	https://file.garden/aUGX_WWYhiuCYAzf/optimized_...	Offline	Formbook	abuse_ch
2025-11-09 09:13:16	https://file.garden/aPvjCU9PkXWKuMvJ/d.txt	Offline	ascii Encoded	abuse_ch
2024-12-07 14:38:24	https://file.garden/Z1LZlLbjjD-R7xcm/build.bin	Offline	dcrat	abus3reports
2023-12-25 04:07:09	https://file.garden/ZSmWpF64HVcOmsLd/The%20Summ...	Offline	32 exe MarsStealer	zbetcheckin
2023-12-21 18:34:05	https://file.garden/ZSmWpF64HVcOmsLd/WireGuard_...	Offline	exe MarsStealer	pesnoo
2023-12-20 12:45:07	https://file.garden/ZSmWpF64HVcOmsLd/RobloxChea...	Offline	exe MarsStealer stealer	pesnoo

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2026-02-28 14:27:10	76d06d4dd53f27ac91d5e1bb365cfc89a870090eac6bafcaacc12cd773e5fe27	unknown
2025-12-25 14:39:06	3f4c3c16f63fb90d1fd64b031d8a9803035f3cb18332e198850896881fb42fe5	unknown
2025-11-09 09:13:16	4d2b10b46e8ff7f551fd3bd3cb96f6c008f1f4c3ba1daee7114cee260bd45fff	bat
2024-12-07 14:38:24	a6429d9778a93254c7387cf588619a2635ed97108558a122de885aad25a57eb7	exe	DCRat
2023-12-25 04:07:09	9d15283240ff79899aeb0f2866c51b75d953e5c04a8069397734a3cb6aef87af	exe	MarsStealer