URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: margos.org
Domain registrar:Namecheap -
Domain registration date:2015-08-07 22:07:32 UTC
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Control D HaGeZi :Not blocked
Firstseen:2021-08-13 13:27:03 UTC
Total malware sites :4
Online malware sites :0 (0%)
Offline Malware sites :4 (100%)
A record(s) observed :12

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2025-09-17 18:06:00 188.114.96.3Not listedAS13335 CLOUDFLARENETn/ayes
2025-09-17 18:06:00 188.114.97.3Not listedAS13335 CLOUDFLARENETn/ayes
2025-04-27 13:00:06 104.21.112.1Not listedAS13335 CLOUDFLARENETn/ano
2025-04-27 13:00:06 104.21.16.1Not listedAS13335 CLOUDFLARENETn/ano
2025-04-27 13:00:06 104.21.32.1Not listedAS13335 CLOUDFLARENETn/ano
2025-04-27 13:00:06 104.21.48.1Not listedAS13335 CLOUDFLARENETn/ano
2025-04-27 13:00:06 104.21.64.1Not listedAS13335 CLOUDFLARENETn/ano
2025-04-27 13:00:06 104.21.80.1SBL681411AS13335 CLOUDFLARENETn/ano
2025-04-27 13:00:06 104.21.96.1Not listedAS13335 CLOUDFLARENETn/ano
2022-02-03 15:15:42 45.84.206.54cpl35.main-hosting.euNot listedAS47583 AS-HOSTINGER- LTno

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2022-01-24 18:26:12http://margos.org/dda/SYNT.exeOfflineexe GuLoader ext abuse_ch
2022-01-17 07:57:10http://margos.org/k6/putty.exeOfflineAveMariaRAT ext exe opendir rat abuse_ch
2022-01-17 07:57:07http://margos.org/k7/putty.exeOfflineAveMariaRAT ext exe opendir rat abuse_ch
2021-08-13 13:27:07http://margos.org/a1/ORI.exeOffline32 AgentTesla ext exe zbetcheckin

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2022-01-24 18:26:124486318d812a32852db5a4b8bd19dc456890b6c9a1bd03ffe94e2ef189394d90exeGuLoader
2022-01-17 07:57:09dcdc2b5d1d114dbd7072c7c66751359e1e1fa28ce4679e2e8124f86a65a2d600exeAveMariaRAT
2022-01-17 07:57:07dcdc2b5d1d114dbd7072c7c66751359e1e1fa28ce4679e2e8124f86a65a2d600exeAveMariaRAT
2021-08-13 13:27:0609648c6629005ee5dc288fd1648a19fcca30422a817e8766d51d73becd619ce4exeAgentTesla