URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	medicalcorp.ro
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2020-11-30 13:11:03 UTC
Total malware sites :	5
Online malware sites :	0 (0%)
Offline Malware sites :	5 (100%)
A record(s) observed :	6

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-09-25 15:37:54	185.181.100.84	eu-19.shopmania.biz	Not listed	AS9009 M247	RO	yes
2025-06-30 18:04:35	185.181.100.66	eu-01.shopmania.biz	Not listed	AS9009 M247	RO	no
2025-04-27 16:55:03	185.181.100.80	eu-15.shopmania.biz	Not listed	AS9009 M247	RO	no
2020-11-30 13:11:12	176.126.200.6	abc06.octosquid.com	Not listed	AS44043 Cyber_Folks-RO-DC_CLJ	RO	no
2020-12-11 14:53:19	176.126.200.0	static-176-126-200-0.hostvision.ro	Not listed	AS44043 Cyber_Folks-RO-DC_CLJ	RO	no
2020-12-11 11:51:15	176.126.200.2	abc02.octosquid.com	Not listed	AS44043 Cyber_Folks-RO-DC_CLJ	RO	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2020-12-08 21:39:06	http://medicalcorp.ro/royal3/gged/wrt/vwz/iola.exe	Offline	exe	Cryptolaemus1
2020-12-08 21:39:06	http://medicalcorp.ro/szvbmxy/bmplksd/zmp/glp/g...	Offline	exe	Cryptolaemus1
2020-12-03 14:15:06	http://medicalcorp.ro/tzvbmxy/bmplksd/zmp/glp/k...	Offline	exe opendir QuasarRAT	abuse_ch
2020-11-30 13:11:12	http://medicalcorp.ro/royal2/helper/gd/zt/jbrow...	Offline	QuasarRAT	Anonymous
2020-11-30 13:11:12	http://medicalcorp.ro/royal1/helper/gd/zt/fola.exe	Offline	QuasarRAT	Anonymous

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2020-12-03 14:15:06	72059ace4818aab4e44f27c08b16914c773f9b91a5db14c889f6a8a893e016be	exe	QuasarRAT
2020-12-03 01:39:24	b31fb3832c2f366796fcc9165c60c58da5c866973377ab0d43f71586c461b8fb	exe	QuasarRAT
2020-12-03 01:37:10	d3b2b32d51ae45785f5292b9f2b8d131e15d886bd47d2c6a62eb65cf8c38d206	exe
2020-12-01 23:29:31	99a6c8e156dba4fda6e2b6ca0802cc08d49556b489e97618e565768329521413	exe	QuasarRAT
2020-12-01 23:26:48	7f3e5e8e94217110c158eb909a519c8878da9b887267e028454948d4b9a52ca6	exe	QuasarRAT
2020-12-01 07:42:24	b7823b23e2ef21045e77a01f2f34f86f387a607f4c1d949571c01c1fcdfd7fa1	exe	QuasarRAT
2020-12-01 07:28:22	23ed6ef7aec39fbc37b613e5ad3611a84ba1facc92489ed818dcc72bee129022	exe	QuasarRAT
2020-11-30 13:11:12	092223938bed5fec479602f4bf2cb0fd28dd628e8754714047b0b7939cd2e298	exe	QuasarRAT
2020-11-30 13:11:11	b3e1f3ed2ed33bd4d98232515b01f134dc62f5b2a440d8ed9abb9a163b2afcad	exe	QuasarRAT