URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	meganmall.ga
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2020-08-05 07:46:32 UTC
Total malware sites :	4
Online malware sites :	0 (0%)
Offline Malware sites :	4 (100%)
A record(s) observed :	15

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2020-08-18 21:15:20	84.38.180.84	iphone-inshop.ru	Not listed	AS49505 SELECTEL	RU	no
2020-08-18 04:44:52	188.68.221.251	dst.artsc.ru	Not listed	AS49505 SELECTEL	RU	no
2020-08-17 02:58:25	82.148.31.93	eeriecritters.com	Not listed	AS50340 SELECTEL-MSK	RU	no
2020-08-16 02:36:57	80.249.146.165	crossroadsint.com	Not listed	AS49505 SELECTEL	RU	no
2020-08-15 05:09:12	31.184.254.243	dqyebm28fxhynzuh.com	Not listed	AS49505 SELECTEL	RU	no
2020-08-15 00:06:35	31.184.254.170	dzrqw7xgljsv0ua4.com	Not listed	AS49505 SELECTEL	RU	no
2020-08-12 09:33:43	84.38.180.247	maslib.ru	Not listed	AS49505 SELECTEL	RU	no
2020-08-11 05:59:29	5.101.50.34	d1ieetgxcnxi3qt8.com	Not listed	AS49505 SELECTEL	RU	no
2020-08-10 02:36:18	188.68.221.140	mail.ru	Not listed	AS49505 SELECTEL	RU	no
2020-08-09 02:33:12	188.68.221.184	dhxkw3zyesstikd5.com	Not listed	AS49505 SELECTEL	RU	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2020-08-17 09:11:18	http://meganmall.ga/~zadmin/cwd/10bil.exe	Offline	exe Loki	zbetcheckin
2020-08-17 07:00:08	http://meganmall.ga/~zadmin/cwd/12pm.exe	Offline	exe	abuse_ch
2020-08-13 09:06:13	http://meganmall.ga/~zadmin/cwd/7harl.exe	Offline	exe Loki	abuse_ch
2020-08-05 07:46:36	http://meganmall.ga/~zadmin/cwd/9ap.exe	Offline	exe Loki	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2020-08-18 21:17:22	1b0f25b9bf0c76f9a52d3f5952f47b203e7112c72f8234d51155442bddddd42f	exe
2020-08-18 01:11:06	a91a2fee2c92252d81b361b25f6f59206bec285b72fb16668cfb3f763fed6798	exe
2020-08-18 01:08:53	170412a03a376ee2926f490ae9fcc9333cdbe70b9087f34a95a5dc5df7d2d574	exe
2020-08-18 01:08:48	d1eacf6fd03bf8343cc75690f36c05807a0f0f3c9d84df5b1a3aa2262f94c5d8	exe	Loki
2020-08-17 09:11:18	65c3e0ebd94dee16c8ec9ec9624a6150028919393f46f076793b25530e03ec6d	exe
2020-08-17 07:00:08	46a8cd49147840874de19fba4807e2780189fa7e81b58fe01013b69f6aca34ac	exe
2020-08-16 19:56:55	4ec8f45cc239f5a961458515e6e60bc4045a6c7d8a6d348c793e1ac3b7d00bd0	exe
2020-08-13 23:54:16	0724bc0b4abf5e1ae32a9fb01f6a9e18b6d5f086f8b19c3d41cd172fbf57e6bc	exe	Loki
2020-08-13 09:06:13	a89c531ad157965de03cf15ab2783f0b24e6db0981556a7bf5ad8fe5c7d66ef5	exe	Loki
2020-08-13 00:44:08	4da78171535f6cac47cc2036732466172fc9baa2e25bcfd3580fc28c7fdc03a9	exe	Loki
2020-08-12 01:01:08	f0e2e080166406744cb6481cbfd1b077fcdf8feb618f23108d0f27c4e451ffcb	exe	Loki
2020-08-10 22:44:44	4bfa05cd7b99febfc8a1fc9384b24cd0c4a313ea79f519885db706825a04a092	exe	Loki
2020-08-10 07:56:42	cb04e4e0e4c41fe7ab03dde2522a181761acb34360c613e5f4f85f6991c5f889	exe	Loki
2020-08-09 23:08:46	bb85f8d47a2e364d0c20980d7bc6637b4bca353aaf083b5612cbc3ba8b1a73a9	exe
2020-08-06 23:02:25	99648118478a249b85f2c4e245ea642d0bdfaf029c013652cf0bed9c381704a2	exe	Loki
2020-08-06 00:09:10	f24ba3f7acbd2c5dcdc1a3a4d92d36e0c882dc56ad022ad88695e432e3d75297	exe	Loki
2020-08-05 07:46:36	3d8cf478e496182ae32a54994a79720e6b5d79e0237e14287290fec3b22fe0bb	exe	Loki