URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	gossip-candy.stars.bz
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2020-05-12 11:08:03 UTC
Total malware sites :	9
Online malware sites :	0 (0%)
Offline Malware sites :	9 (100%)
A record(s) observed :	15

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	SBL	ASN	Country	Active?
2025-09-17 18:26:40	188.114.96.3	Not listed	AS13335 CLOUDFLARENET	n/a	yes
2025-09-17 18:26:40	188.114.97.3	Not listed	AS13335 CLOUDFLARENET	n/a	yes
2025-11-05 03:35:45	188.114.96.12	SBL687667	AS13335 CLOUDFLARENET	n/a	no
2025-11-05 03:35:45	188.114.97.12	SBL687666	AS13335 CLOUDFLARENET	n/a	no
2025-06-05 22:47:46	104.21.112.1	Not listed	AS13335 CLOUDFLARENET	n/a	no
2025-06-05 22:47:46	104.21.16.1	Not listed	AS13335 CLOUDFLARENET	n/a	no
2025-06-05 22:47:46	104.21.32.1	Not listed	AS13335 CLOUDFLARENET	n/a	no
2025-06-05 22:47:46	104.21.48.1	Not listed	AS13335 CLOUDFLARENET	n/a	no
2025-06-05 22:47:46	104.21.64.1	Not listed	AS13335 CLOUDFLARENET	n/a	no
2025-06-05 22:47:46	104.21.80.1	SBL681411	AS13335 CLOUDFLARENET	n/a	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2021-03-22 14:35:39	http://gossip-candy.stars.bz/spark/bin-kok_KxlY...	Offline	encrypted GuLoader	abuse_ch
2021-03-19 08:13:33	http://gossip-candy.stars.bz/spark/bin-info_APu...	Offline	encrypted GuLoader	abuse_ch
2021-03-17 11:16:33	http://gossip-candy.stars.bz/spark/bin-OPOION_A...	Offline	encrypted GuLoader	abuse_ch
2021-03-16 15:11:33	http://gossip-candy.stars.bz/spark/bin-prom_UDN...	Offline	encrypted GuLoader	abuse_ch
2021-03-16 02:07:33	http://gossip-candy.stars.bz/spark/bin-works_QW...	Offline	encrypted GuLoader	abuse_ch
2021-03-12 16:05:07	http://gossip-candy.stars.bz/spark/bin-goods_Bv...	Offline	encrypted GuLoader	abuse_ch
2021-03-11 07:01:07	http://gossip-candy.stars.bz/spark/BIN-INQUI_wM...	Offline	encrypted GuLoader	abuse_ch
2020-05-12 11:40:09	http://gossip-candy.stars.bz/luxe/a1/aa1.exe	Offline	exe opendir	abuse_ch
2020-05-12 11:08:05	http://gossip-candy.stars.bz/luxe/a1/radio.exe	Offline	GuLoader	jarumlus

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2021-03-25 12:44:40	8dcde56d2e83269fb8b285a06907c813e281f87b4842d558406bb45bb8d334f6	unknown
2021-03-25 06:35:21	692868c0e63ea7e3f74e4691cb8c6b5b1fe3d381939bc659d8d12ec1478dd0a9	unknown
2021-03-24 11:27:10	bc9754f12cff67fefaa3c581dfa081356cd57d5d28146ef0e6186c2f36a1fd78	unknown
2021-03-24 11:25:13	ec2550d15bacafa3245d6e59e3d7f3cbabb4b0320a5febe3149ad9fd94a72056	unknown
2021-03-24 11:22:32	bf67d31bbd17c1462771a8d8c4883cb7fcf0171227071963cdeaaeef10625b9c	unknown
2021-03-12 16:05:07	f7dd09f83d79bd5d621df3a2f574980bc0d0812de15ee15f4025dc9b20529416	unknown
2021-03-11 07:01:07	d6c1eaba3a5514de297029b3545a5aa7cd56f651b35c17367198e6511231560e	unknown
2020-05-12 11:40:08	601cdbddfe6ac894daff506167c164c65446f893d1d5e4b95e92d960ff5f52b0	exe
2020-05-12 11:08:05	3939a9494bb1636232937e57243c7c362fc9c08a0f9944509b60cde9943993e9	exe	GuLoader