URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	lont.co.in
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Status unknown
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2020-06-25 18:26:44 UTC
Total malware sites :	9
Online malware sites :	0 (0%)
Offline Malware sites :	9 (100%)
A record(s) observed :	1

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2020-06-25 18:26:50	204.11.58.46	204-11-58-46.unifiedlayer.com	Not listed	AS46606 UNIFIEDLAYER-AS-1	US	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2020-06-26 19:35:08	http://lont.co.in/bobbyx/engineserv.exe	Offline	exe Loki rat remcos RemcosRAT	p5yb34m
2020-06-25 18:43:05	http://lont.co.in/mazx/mazx.exe	Offline	AgentTesla exe Formbook rat	p5yb34m
2020-06-25 18:41:07	http://lont.co.in/djfilex/djfilex.exe	Offline	AgentTesla exe rat	p5yb34m
2020-06-25 18:39:07	http://lont.co.in/wealthx/benzway.exe	Offline	AgentTesla exe Formbook rat	p5yb34m
2020-06-25 18:38:19	http://lont.co.in/ashleyx/ashleyzx.exe	Offline	exe Formbook	p5yb34m
2020-06-25 18:38:06	http://lont.co.in/ashleyx/ashleyx.exe	Offline	exe Formbook	p5yb34m
2020-06-25 18:35:07	http://lont.co.in/djfilex/arnoidx.exe	Offline	exe MassLogger	p5yb34m
2020-06-25 18:27:08	http://lont.co.in/ugop/skyloki.exe	Offline	exe Loki lokibot	p5yb34m
2020-06-25 18:26:50	http://lont.co.in/ugop/ugoloki.exe	Offline	exe Loki lokibot	p5yb34m

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2020-06-30 05:36:51	191c7c47fec63f29c5409e19a59ae3545295928a2e0e5f83a64ce64d1e2f0c1d	exe	Loki
2020-06-30 00:37:59	ae438370eda70ba48a763c526e61b068e16d11cbd00e9cb504d6f1eeb7442d22	exe	Formbook
2020-06-30 00:07:47	15c4fa85cbc2c692575d38601a56e49a52a23d74a2dce110bf17beadf46672bb	exe	Formbook
2020-06-29 23:31:31	9f1e52fff719e7a27c64308c5bc17eb7bc77330f69c4afd318686447474e0f13	exe	Loki
2020-06-29 01:01:09	1f3b870885e4b0c757f37f0056e33d864351bcc7abcf266ee187b5e000b312d3	exe	Loki
2020-06-26 19:35:08	991bc7cb785f4342df6f32d1e67d277a1a9a0bd9edaf046020b13b19b06bf25d	exe	RemcosRAT
2020-06-26 01:07:02	215da2273362ea646fd6dacd5eda5156245f2c3137c89c3242f6e134935da38c	exe	AgentTesla
2020-06-26 01:05:14	68b8730a3c5e7e57bac4f049b366aa82339f4e742632e26def24b3d3c1b939fb	exe	Loki
2020-06-26 00:58:23	b15150ad60896b077eec3fe3076f76440e38e8c90da4327f78367284742e5289	exe	MassLogger
2020-06-26 00:58:06	1b3a9b2b91e235e345e7ed4e944e219133eed160548fb27594e9493ad71785a6	exe	Formbook
2020-06-26 00:57:49	3ecc74c73c0c7c4a7cdadf37691f74b4994789ff59a6de71feb13bcd602609fd	exe	Loki
2020-06-25 23:46:25	fa963327c91d9d8fb99fb2afae8bf10a36c799e42a52e0f2aae0cf3065ed3e82	exe	AgentTesla
2020-06-25 18:43:05	21644ae34f4cd8f6594ce1634bca5b0e53d8f8aaa20f1340799095be6ba53b58	exe	AgentTesla
2020-06-25 18:41:07	3c6253d227ce48fa3c02214e2c38001814480e7f963dadb0f0833527c76111ed	exe	AgentTesla
2020-06-25 18:39:07	552c84c35ffde3f49415e706d22c78984d157c835398f07e46a121bd9bce8859	exe	AgentTesla
2020-06-25 18:38:19	498fbde70a7375ef095b51ad4ad72798d26a2d28dd82e155e9afc31e95773bea	exe	Formbook
2020-06-25 18:38:06	03fca82ebc530842237b3f1c592aeb6eb68c07cb4abbbad34e729796e815228e	exe
2020-06-25 18:35:07	49ebdee0fec93cc0c1815c018bdff160a61568e5e1369336918a97724dd4ad72	exe	MassLogger
2020-06-25 18:27:08	d4e84f7639267100768e4db249b132a804752579d646833d192ea8b78cda2177	exe	Loki
2020-06-25 18:26:49	aaf3bfe09b9949c3b086b6d60e539e716d2797302eb2a2950aced004d6795112	exe	Loki