URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	fototunes.com
Domain registrar:	Name.com
Domain registration date:	2021-09-15 14:52:24 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2023-06-13 16:33:24 UTC
Total malware sites :	1
A record(s) observed :	4

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-10-29 11:20:42	91.235.122.92		Not listed	AS201909 INTELI-TECH-DEVELOPMENT-SRL	RO	yes
2023-09-17 00:06:56	91.195.240.94		Not listed	AS47846 SEDO-AS	DE	no
2023-06-24 11:45:11	192.185.4.37	gator4026.hostgator.com	Not listed	AS19871 NETWORK-SOLUTIONS-HOSTING	US	no
2023-06-13 16:33:27	192.185.21.72	192-185-21-72.unifiedlayer.com	Not listed	AS19871 NETWORK-SOLUTIONS-HOSTING	US	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2023-06-13 16:33:27	https://fototunes.com/cter/	Offline	BB32 geofenced js Qakbot Quakbot USA	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2023-06-14 12:36:48	4c6caf82dd959b97718caa7061611898c3a495a680862ae0d8fb2bf8e98c3e6e	zip		Quakbot
2023-06-14 11:21:50	5cd15a5947d6feb4ebe67137cdec8600bc585ff8c1343034bb040df86a0eb3c3	js		Quakbot
2023-06-14 10:05:00	7925ad09738164468bba03f2540cb53fb9642c59a589549a26bc7838cf55cf5d	js		Quakbot
2023-06-14 09:37:31	7d4299e46bc9c986cbe4daed9a9d8b7dda2879e4204d6192fb8c57bb83dc52c3	js
2023-06-14 08:04:36	6d8348cec331ee7d652dec435f1d5a3a513697040b79e3b86f268cebd42cd525	js		Quakbot
2023-06-14 06:32:27	95f2521606f82ae3b1a8d0431a422c6b9ebb5c047ce4d8cfd9f1850b80f2cdf9	js		Quakbot
2023-06-14 05:04:08	edb774ca4ce5aa0b8dd2689eecc7c5596cf5c581523fae519b269c73ae6c9710	js		Quakbot
2023-06-14 04:38:58	69f93a6237243fafbd9819b0e9f48146bc2bb54273b0f7ef5815edf7b0fc9626	js
2023-06-14 04:30:01	8e4598055189595b7b04c58a778f02457973e353989ab022f6029ad27c0b2f7f	js		Quakbot
2023-06-14 03:08:18	248f62597c9428bc5920ec40a1128e5954f688fb888e243ad6ff19496f2681be	js		Quakbot
2023-06-14 02:44:17	edb35bca2e6b45be2c59d91bb0c733b2d14862afa347aee1945f517b712cb1cb	js		Quakbot
2023-06-14 01:04:42	02c33b41cdc78e07327607670e3f4844033b51df5c18a85eb146a96c891bc4f2	js		Quakbot
2023-06-14 00:55:39	958342a90502bd278b7e87d0eaec2224d8b4856a579385d30092496561d6638d	js		Quakbot
2023-06-13 23:20:35	59eb669a757058561ea4c07b922431289017a7bce6a4f8a1fac76b85c30ece5f	js		Quakbot
2023-06-13 22:17:47	8bc1f1844a4657bb065c1be165149f561eaf201471049be6bb36d44463c2de4f	js		Quakbot
2023-06-13 21:22:59	bbcca37eddd3785374f00e536f7a6ab44b2d0ab8591c7e74dcc25b8409fd72a2	js		Quakbot
2023-06-13 19:12:07	e52709cccd057f0ba8a1a15af6bd3a915c79b5304a0f9ccdbd1b4b5ef32dbec0	js		Quakbot
2023-06-13 17:38:33	990fcc25de370c8b28fcd7dd0c37eedff5aac1fa3c53d892528aed63d3e46499	js		Quakbot
2023-06-13 16:33:26	443a4858bb97867d5cd71cf4bd4fa72fd89ead7f2a7c7c54cb88492000166886	js