URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	megadulces.com.mx
Domain registrar:	n/a
Domain registration date:	2010-02-23 00:00:00 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2023-06-13 17:52:35 UTC
Total malware sites :	1
A record(s) observed :	2

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-04-27 10:34:46	192.185.193.121	192-185-193-121.unifiedlayer.com	Not listed	AS19871 NETWORK-SOLUTIONS-HOSTING	US	yes
2023-06-13 17:52:43	192.185.193.124	192-185-193-124.unifiedlayer.com	Not listed	AS19871 NETWORK-SOLUTIONS-HOSTING	US	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2023-06-13 17:52:43	https://megadulces.com.mx/vrp/	Offline	BB32 geofenced js Qakbot Quakbot USA	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2023-06-15 14:52:59	f410d12064fa3e90314c929b4448722dce7db86cb5822933672af7a2ee3292b2	zip	Quakbot
2023-06-15 13:45:25	2c6fed58dba6edcadccf9c0f339e44b181702a128a32fc270fdc9e611a37348b	zip	Quakbot
2023-06-15 13:10:36	bcb0b5349ccad593408a97fd5bd67a8ad6c033c11696d490851299a95ae984c0	js	Quakbot
2023-06-15 10:49:11	cedbd9190a6d058a86c4870c07ed8c06e5a99033532ff508f0efdd334ce134ed	js
2023-06-15 08:58:41	2383a71aed495a7d8ccc6591df82546ba2dbaf218e9a3cd6e47faeca2c91d428	js
2023-06-15 08:19:30	a0a9741d7ff5d18e33f4ba023d003a155f0a7b22871287798a94dd7db2d78dfa	js
2023-06-15 00:24:02	8a1ed6811f0f43e4480396d153775dd04bf3ca832f4fedfc8877c6c5ace4cc48	js	Quakbot
2023-06-14 15:02:21	7b53ef911370dd9299319f1b125aede4b48611ae51a003cdbf67ee995cc6592c	js	Quakbot
2023-06-14 13:42:24	2851c11b72361b9b5d32db0d92edb18a0c8fa75ff8cd6ea897a423d79afd5da1	js	Quakbot
2023-06-14 12:33:32	6f3207bcada9b33fc5a6ba36e5e2e5bd54a4dcf8d133159c9bcd9fcbb62f8122	zip	Quakbot
2023-06-14 11:15:00	c673bfcb47ede45a743fd4f7a77f4191994558953aa9456806cb2fd6281a9031	zip	Quakbot
2023-06-14 10:49:29	2dae93e4b7c7c6d149df3f3171cfff9d70aa5814668e10c23ad5fdbe3a8de584	js	Quakbot
2023-06-14 09:33:30	b759298afeb2c1d6fa981ea47fc760912388cb629959a6cf1121be469fb61653	js	Quakbot
2023-06-14 07:17:50	25f87b525bf0bf9ffae58b1f2f8684f93079e2aa7f022fc4669f9eb4e498ee63	js	Quakbot
2023-06-14 06:55:51	ab9a4655862e09bcfaab36bcb19e3beee69a0935253295f3befa3c8cb0641f8f	js	Quakbot
2023-06-14 05:57:58	b9ca9f87d2a85f7b671c1d08dd34a71081ec109909c5868ec4fd07ac739bc0de	js	Quakbot
2023-06-14 04:05:12	8b2b5ab2f87cee54c8cc50586169b8759ffe94753cdf9084e2f12cd58cadcfc7	js	Quakbot
2023-06-14 03:15:40	2932accaf419737fe7893701457ed834ad17fbad8b735b46d8ae62b25ac88291	js
2023-06-14 02:37:50	77c675434a968c42c4c87fff76bec73a3d698bacb2a311dd9c90754ff2c0d0b8	js	Quakbot
2023-06-14 01:48:04	905af047345addcf40ced0d92bc5164fad2cc99dead0c067e5b5f091d2e9c24d	js	Quakbot
2023-06-14 00:47:24	add7b2404d100de57002112b331d4da59f8150b90a3bb609c1f06289389a9307	js	Quakbot
2023-06-13 22:49:26	f9bf334845a79050c8648bc6d50fe12fe1ff7eaf9ccfa1b88428d8692c1d9c5e	js	Quakbot
2023-06-13 21:54:39	58a104218ed7ece5c31800e1f1fdc76882c4f6a6009bee726a54579874e99460	js
2023-06-13 20:18:33	d71206a9c8377a836d6ab31a4ce976b3afdb682db44628e7e6504e2cc182ba9c	js	Quakbot
2023-06-13 19:55:31	95f2521606f82ae3b1a8d0431a422c6b9ebb5c047ce4d8cfd9f1850b80f2cdf9	js	Quakbot
2023-06-13 17:52:37	57c6e46915487292316b14b5703105f8dcd0d12e72510826abc8146f94789650	js