URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	h4.groutlandlady.top
Domain registrar:	Public Domain Registry
Domain registration date:	2025-05-15 09:18:14 UTC
Abuse complaint sent to registrar:	Yes (2025-05-20 13:11:01 UTC to abuse-contact{at}publicdomainregistry[dot]com)
Domain registry:	TOP registry
Abuse complaint sent to registry:	Yes (2025-05-20 13:11:01 UTC to abuse{at}nic[dot]top)
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2025-05-20 13:09:04 UTC
Total malware sites :	4
Online malware sites :	0 (0%)
Offline Malware sites :	4 (100%)
A record(s) observed :	2

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-05-20 13:09:05	104.21.63.62		Not listed	AS13335 CLOUDFLARENET	n/a	no
2025-05-20 13:09:05	172.67.143.224		Not listed	AS13335 CLOUDFLARENET	n/a	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2025-05-20 13:18:11	http://h4.groutlandlady.top/888888.bin	Offline	censys CryptOne exe	NDA0E
2025-05-20 13:17:12	http://h4.groutlandlady.top/88.ext.bin	Offline	censys exe HijackLoader IDATLoader	NDA0E
2025-05-20 13:10:05	http://h4.groutlandlady.top/sh.ext.bin	Offline	censys exe HijackLoader IDATLoader	NDA0E
2025-05-20 13:09:05	http://h4.groutlandlady.top/shark.bin	Offline	censys CryptOne exe	NDA0E

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2025-05-20 17:16:19	ef89e39477a6f0e04b545023e131913d621d17c94729a58b91d1c9b0627436f8	exe
2025-05-20 13:18:11	e3cd1f0cc93fe9023febcb4648ee40aa77441cb2bceafe713258d28d56e1c3fe	exe	CryptOne
2025-05-20 13:17:12	df4aa9ed599d9453c810487fa14ac9c98e6897d0f065f090384559c9e062dbc6	zip
2025-05-20 13:10:05	b8dfa80c6a22b7168b3b6738295a472c1f8d96c932062c72a53062b04de909ea	exe
2025-05-20 13:09:05	e882a6bc39d1eef27cc0f7b15e649002af592a90903c8e80164c049365b2268e	exe	CryptOne