URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: kotob.top
Domain registrar:Eranet -
Domain registration date:2021-09-30 17:32:02 UTC
Abuse complaint sent to registrar: Yes (2022-01-20 19:32:13 UTC to info{at}todaynic[dot]com)
Domain registry:TOP registry -
Abuse complaint sent to registry: Yes (2022-01-20 19:32:13 UTC to abuse{at}nic[dot]top)
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Blocked
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Control D HaGeZi :Not blocked
Firstseen:2021-11-14 20:54:09 UTC
Total malware sites :2
Online malware sites :0 (0%)
Offline Malware sites :2 (100%)
A record(s) observed :379

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2021-11-14 22:40:54 138.36.3.134138-36-3-134.texnet.net.brNot listedAS264562 PBR_SERVICOS_DE_TELECOMUNICACOES_LTDA- BRno
2022-01-19 20:28:47 177.99.69.190177.99.69.dynamic.adsl.gvt.net.brNot listedAS18881 TELEFNICA_BRASIL_S.A- BRno
2021-11-14 21:22:47 186.182.55.44Not listedAS11664 Techtel_LMDS_Comunicaciones_Interactivas_S.A.- ARno
2022-01-15 01:35:04 189.129.113.216dsl-189-129-113-216-dyn.prod-infinitum.com.mxNot listedAS8151 UNINET- MXno
2021-11-14 22:49:40 190.140.74.43Not listedAS18809 Cable_Onda- PAno
2021-11-14 20:54:39 197.44.54.172host-197.44.54.172-static.tedata.netNot listedAS8452 TE-AS- EGno
2021-11-14 22:40:53 211.168.197.211Not listedAS3786 LGDACOM- KRno
2021-11-14 22:19:47 211.171.233.127Not listedAS3786 LGDACOM- KRno
2021-12-23 09:32:46 31.167.149.141Not listedAS35819 Mobily-AS- SAno
2021-11-14 23:04:01 61.255.185.201Not listedAS9318 SKB-AS- KRno

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2022-01-15 08:46:13http://kotob.top/dl/build.exeOfflineexe stop abuse_ch
2021-11-14 20:54:41http://kotob.top/dl/build2.exeOfflineArkeiStealer ext exe benkow_

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2022-01-18 13:33:44c56621b4054263a18a5585713bb0e1e27a92914aa4089408ecc80e6a1e5b422eexe ArkeiStealer
2022-01-18 07:48:15415b2a4ddeaafbf631b7dbd90e7f890e304d1cfdd66cd2faea3d3011154c8b76exe ArkeiStealer
2022-01-18 07:32:32dfd0237a1df251793d4b1495faadbde233eb50e1b78601978963259a339d4471exe ArkeiStealer
2022-01-17 22:56:485dade017a4ed56f3795a13f89d6ece948a0efd96316061d4c646a1f8d6df817eexe ArkeiStealer
2022-01-16 18:46:05fa57465bc6bd89407e4b37bf7f386bacae9417b6e715d2ecf3f5bf07b46602b4exe Ransomware.Stop
2022-01-16 17:21:155f65e2fb594b820822e7f39654f7f1707413229ac9baa371d53e4fa31161818bexe Ransomware.Stop
2022-01-16 16:41:49fe2544e8fd10576580c5b8d5576f27cbfa189a8e1347fa69eadf9329c46a560fexe Ransomware.Stop
2022-01-16 14:15:37c052c0b0f0a7d8164462e471a1ec8cd89fde221cc5a701cc1b284508f521f2baexe Ransomware.Stop
2022-01-16 13:07:4081adf4e24ef020ea7fdfd1d1b24729df39d314400525d4a36a0ccfe71ad3945fexe Ransomware.Stop
2022-01-16 12:15:05dda8a0671f754691b271c7d46a4af7a24cc5ccb96adf96c203a64d45ac843ff4exe Ransomware.Stop
2022-01-16 09:34:42b0ede3f150eb0ffec3c31643b19cac0628f8b0cb2d16697b8ccc0f802b0fafb6exe Ransomware.Stop
2022-01-16 08:59:07932c45414bacba0e753030307ef9935db70403db429f2fac3b03fda2951435bcexe Ransomware.Stop
2022-01-16 08:25:24fab4f5f2927e0316af5800ce6496c21212d34ed7ba62a6293a41d7d89d782df6exe Ransomware.Stop
2022-01-16 06:58:3989d19a7283d500a633bca1c6709ae5f23c09c8401649804151cdda0dfafcb643exe Ransomware.Stop
2022-01-16 05:59:47382c7de5da72bb639a088fd547ecb43e9b6cf67375233a0b6cab3100a7aa4459exe Ransomware.Stop
2022-01-16 04:57:3316394cd0aea8ff69c522d2fe0afe5ddb82284e3a380cc280d2c3741af091781aexe Ransomware.Stop
2022-01-16 04:24:379c09b71026adeb01eb5793431bf79cf57b1768154c4e4bfc62541dce4a5eec80exe Ransomware.Stop
2022-01-16 04:06:33dd6b4af249f85102d3313d3045824e06da7e782918b3edc8dbcb5af7b507b66bexe Ransomware.Stop
2022-01-16 03:05:47d0b7ab594959e67805f11a8293482c2f24ec924603deea71c35663dbeaf2c9cfexe Ransomware.Stop
2022-01-16 02:07:05469dac8c5f0b08d91e498beb7017e12bd3a40c0d377a2cce20fa820a3dbde36bexe Ransomware.Stop
2022-01-16 01:09:180dc1056659f6011de065a45806fd778335d170dd72ae40a2f7e8bd54d5df763aexe Ransomware.Stop
2022-01-16 00:54:5733fed03b6d8d5a4801eed46fc9b02c75a381026d718288bb331f51d302682933exe Ransomware.Stop
2022-01-15 22:37:33a7f61244ad567af21da869ef7ec9eb99b7c022945246c969cf86db2224bc0c34exe Ransomware.Stop
2022-01-15 21:54:25b5f21d908676ac52d9e231a74e56537bebe81d7d4bf49d96260eef1461165b98exe Ransomware.Stop
2022-01-15 21:09:15a9578e2c25a176e288c419743d1627e23d329c5d4ec73e7c29ae17ae904f70f3exe Ransomware.Stop
2022-01-15 19:53:55aba7ef8ce7758b2725ea7c34118287930f4586c549e37a91d41ebf3b4f2fd3b6exe Ransomware.Stop
2022-01-15 18:52:2046a589865914e68326dab27f567e6f527a30422e86ec5dc3462bada3146e07b0exe Ransomware.Stop
2022-01-15 17:13:08eda3d3626bc278a9ea9b9b3d386fa1af520613d9771e8b922de96d21db176eb3exe Ransomware.Stop
2022-01-15 14:58:163a3be0837ad5ae71174431afb72ea3c7c7743efd2b2ae2250e183ff94e0b813fexe Ransomware.Stop
2022-01-15 14:02:5916b5b8acd69eb572d83775de64199705fb6ed22d0df1ddd84592e784b371a98dexe Ransomware.Stop
2022-01-15 12:32:527f7ff528316f81b2a9d349b4b522d2aa824ce6512d6be91b67368a24904bb898exe Ransomware.Stop
2022-01-15 11:55:23d80c43408ab8681bff30f4ddbe5655a050a77d73975951f81ab0361fddde97a5exe Ransomware.Stop
2022-01-15 09:40:2450aaffd939210c38e58d47decd3f8eceb3b6369501cac77c32ea2a1c445eca66exe Ransomware.Stop
2022-01-15 09:04:45a1637978bf5c17d54cd0447ec49ead040daeaf8e3bf58d84419ab8d0d05dbff5exeRansomware.Stop
2022-01-15 08:46:09d3daa188cd6249ef55901e879d69c6b7bd998b9397ed628cced509c63f6728a9exe Ransomware.Stop
2022-01-03 12:54:34118fdc1f91f1d3ccd8afeed03bfbc1c51e6bc7e316d9b1c0d88640872ed3e17eexeArkeiStealer
2021-12-31 13:40:57df71148d5c047d3d46ce71ca4f68487b0a487a0b52ea4f5bb3f8eda035fd771aexeArkeiStealer
2021-12-27 15:14:1512f67b777aa65271b2e5773b042cbf8bc1c0bf8cabaf356aa05b583a1e581b94exe ArkeiStealer
2021-12-26 08:45:21347417a340793f09888460d3af86f7fd2dfee072016d443130b2e24a06899ad0exe ArkeiStealer
2021-12-23 06:37:39d2f136baa22d61c72002b33e5e66b03e58309d35b0f2abb968ebc8d1fa159359exe ArkeiStealer
2021-12-18 02:00:10229b06ba702bdde53a3f4a89d9da20d47b972ddaf45b00997fa517014e4d5becexe ArkeiStealer
2021-12-10 13:49:260241e8302dd7f1dbb90ad8f26e6d852b665c4068dcd02903f0eac1b7208cf9c3exeArkeiStealer
2021-11-30 11:12:23c19a32b2c1b56473245cb672da9d589227f52966b40c9b761765e85418052f35exe ArkeiStealer
2021-11-23 11:57:429d4f3c4a7bce15559a9501b2c7d2ecf8f005a1b325dd407dff8054ed0e3e9b17exe ArkeiStealer
2021-11-17 11:15:54a4a31db13374418337c98302d3e7dd841351826743fb2face7d2058597dd581bexe ArkeiStealer
2021-11-16 09:10:31c186d29d3e7c1183a931e1c7116884d60cff668baffcea4b349851ca083ac187exe ArkeiStealer
2021-11-14 21:02:43050cc4823e9f393e290fa9c758bc09f63344db1319728348cde18a3598e935f4exe ArkeiStealer