URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | happyday9risce.com |
|---|---|
| Domain registrar: | Tucows  |
| Domain registration date: | 2021-11-11 16:50:33 UTC |
| Spamhaus DBL : | Not blocked |
| SURBL : | Not blocked |
| Quad9 : | Blocked |
| AdGuard : | Blocked |
| Cloudflare : | Blocked |
| ProtonDNS : | Blocked |
| OpenBLD : | Blocked |
| DNS4EU : | Blocked |
| Control D HaGeZi : | Not blocked |
| Firstseen: | 2022-05-27 15:56:04 UTC |
| Total malware sites : | 4 |
| Online malware sites : | 0 (0%) |
| Offline Malware sites : | 4 (100%) |
| A record(s) observed : | 11 |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2025-09-19 14:18:57 | 50.16.27.236 | ec2-50-16-27-236.compute-1.amazonaws.com | Not listed | AS14618 AMAZON-AES |  US | yes |
| 2025-04-27 20:35:25 | 188.40.141.211 | static.211.141.40.188.clients.your-server.de | Not listed | AS24940 HETZNER-AS |  DE | no |
| 2022-07-06 22:40:23 | 198.11.176.80 | Not listed | AS45102 ALIBABA-CN-NET | US | no | |
| 2022-07-05 16:14:45 | 178.20.45.178 | host-178-20-45-178.hosted-by-vdsina.ru | Not listed | AS48282 VDSINA-AS |  RU | no |
| 2022-06-25 16:47:37 | 178.20.45.75 | v2198213.hosted-by-vdsina.ru | Not listed | AS48282 VDSINA-AS | RU | no |
| 2022-06-22 20:07:10 | 46.173.223.43 | SBL668586 | AS47196 Garant-Park-Internet | RU | no | |
| 2022-06-21 12:19:18 | 34.95.149.142 | 142.149.95.34.bc.googleusercontent.com | Not listed | AS396982 GOOGLE-CLOUD-PLATFORM |  BR | no |
| 2022-06-01 01:53:54 | 80.66.64.89 | Not listed | AS48347 MTW-AS | RU | no | |
| 2022-05-27 15:56:08 | 34.118.86.4 | 4.86.118.34.bc.googleusercontent.com | Not listed | AS396982 GOOGLE-CLOUD-PLATFORM |  PL | no |
| 2022-06-21 07:43:09 | 176.119.158.180 | vbrick.dampasellsod.com | Not listed | AS48347 MTW-AS | RU | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2022-05-29 18:02:37 | http://happyday9risce.com/maxm.exe | Offline | 32 Amadey exe |  zbetcheckin |
| 2022-05-28 19:38:18 | http://happyday9risce.com/game.exe | Offline | 32 exe RedLineStealer  | zbetcheckin |
| 2022-05-27 15:56:08 | http://happyday9risce.com/feedxn.exe | Offline | 32 Amadey exe RedLineStealer | zbetcheckin |
| 2022-05-27 15:56:08 | http://happyday9risce.com/kingz.exe | Offline | 32 exe | zbetcheckin |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2022-05-29 22:16:21 | b0055062b72652ae7b7d52589e78743bbe03eff674add9b7b5cfbe82ae8ba86b | exe | ||
| 2022-05-29 17:32:20 | 7ff0ff6e51a58398ad73da3cc8e7e6233a23e49d93aaa4b190672e4f9f08b9bb | exe | Amadey | |
| 2022-05-29 00:06:58 | 6f50ae6dfc12c685179e878890fd801fac676ff20b26e08fb1f18092bff76a31 | exe | ||
| 2022-05-28 20:59:02 | 75d542c788608db8798a3f54fc1791c7e8f83ffa203a2f5c9ff23f4567afb493 | exe | ||
| 2022-05-28 19:38:18 | fb63e82f9803b9cab3f7e4bda5a570baff699393565d5f0e4ca13bd2bec8a925 | exe | RedLineStealer | |
| 2022-05-28 14:23:56 | 75e938d55867880bceb0ee8453f1f8ede82a961b77c4246b450d5ad4b691f656 | exe | RedLineStealer | |
| 2022-05-28 14:16:12 | 9f97fdeaa2c81fac2afb2a94616144c0773b5bec316ebc114c8d134eccd84cdc | exe | ||
| 2022-05-27 15:56:08 | 0ae6223a947654283ddaad72ab64c82c6a4dbd3e7fb367a4914e6acc01785e78 | exe | ||
| 2022-05-27 15:56:07 | 10a860636249b684637f52d92da4da908a1187870671b58eb9ccca9af67187f2 | exe | Amadey |