URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	hackercoc.duckdns.org
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2020-11-20 06:39:03 UTC
Total malware sites :	5
Online malware sites :	0 (0%)
Offline Malware sites :	5 (100%)
A record(s) observed :	8

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-06-29 20:53:46	88.231.99.106	88.231.99.106.dynamic.ttnet.com.tr	Not listed	AS9121 TTNet	TR	no
2025-04-27 11:35:48	78.166.251.201	78.166.251.201.dynamic.ttnet.com.tr	Not listed	AS9121 TTNet	TR	no
2021-05-22 22:15:16	91.46.147.90	p5b2e935a.dip0.t-ipconnect.de	Not listed	AS3320 DTAG	DE	no
2020-11-22 12:43:36	88.231.110.236	88.231.110.236.dynamic.ttnet.com.tr	Not listed	AS9121 TTNet	TR	no
2020-11-21 14:30:45	78.162.38.44	78.162.38.44.dynamic.ttnet.com.tr	Not listed	AS9121 TTNet	TR	no
2020-11-20 16:35:41	78.175.31.118	78.175.31.118.dynamic.ttnet.com.tr	Not listed	AS9121 TTNet	TR	no
2020-11-20 06:39:04	88.225.1.246	88.225.1.246.static.ttnet.com.tr	Not listed	AS9121 TTNet	TR	no
2020-11-23 11:45:58	78.175.222.151	78.175.222.151.dynamic.ttnet.com.tr	Not listed	AS9121 TTNet	TR	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2020-11-20 06:42:04	http://hackercoc.duckdns.org/yeni.apk	Offline	apk ShadowVoice	Jouliok
2020-11-20 06:39:48	http://hackercoc.duckdns.org/ara.exe	Offline	CoinMiner exe	Jouliok
2020-11-20 06:39:47	http://hackercoc.duckdns.org/araiki.exe	Offline	CoinMiner exe	Jouliok
2020-11-20 06:39:45	http://hackercoc.duckdns.org/arailk.exe	Offline	CoinMiner exe	Jouliok
2020-11-20 06:39:04	http://hackercoc.duckdns.org/1.exe	Offline	exe	Jouliok

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2020-11-20 07:20:35	a8294084897999a914c4d11f40c27f7d5f7007b66a446bbb6e9ce9d11489c8ee	exe
2020-11-20 07:04:26	28aea3958aa8c2290c5131bb19c5713c851b56389bcb13799b9f8b73efe57e1f	unknown
2020-11-20 06:39:48	49a326ef65fb6a7f8e778fb2104aa2708e38601348ddbc04e8cbd9117af0458a	exe	CoinMiner
2020-11-20 06:39:47	a519b94cbb4c14b6fb3397c3220851ebf960fffe4f82360dbd4493bad0d38747	exe	CoinMiner
2020-11-20 06:39:45	e2f0a2043a3d8ae1e3b6c3f156a410544c2336108b244dd2f9b77f2f9ede0a56	exe	CoinMiner