URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	hotmarzz.eu
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2021-12-07 09:39:09 UTC
Total malware sites :	3
Online malware sites :	0 (0%)
Offline Malware sites :	3 (100%)
A record(s) observed :	2

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2021-12-07 10:06:08	195.110.124.154	ns5.register.it	Not listed	AS39729 REGISTER-AS	IT	no
2021-12-07 09:39:20	81.88.52.165	lhcp3165.webapps.net	Not listed	AS39729 REGISTER-AS	IT	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2021-12-07 10:07:09	https://hotmarzz.eu/goods/Droppertodownloa.exe	Offline	AgentTesla exe HawkEye	ffforward
2021-12-07 10:06:08	https://hotmarzz.eu/new/Products.zip	Offline	avemaria exe remcos RemcosRAT zip	ffforward
2021-12-07 09:39:20	https://hotmarzz.eu/mnbvcxzasdfghjklopuytrewqas...	Offline	exe xz	ffforward

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2021-12-07 10:07:09	06550442678fb92b0273b83f349d47d3654fb72a7d98398ce3b63e3635b8e8f1	exe	HawkEye
2021-12-07 10:06:08	8189662983e75f02093516a9180c7f6d23253ca965f81e0a0dea439451f3ac64	zip	RemcosRAT
2021-12-07 09:39:20	cfc7db2b9ac18c6df8191fa7c660bd405720f7736251577c7eef8885e320ab35	zip