URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | merckllc.top |
|---|---|
| Domain registrar: | NameSilo  |
| Domain registration date: | 2023-10-25 02:53:26 UTC |
| Spamhaus DBL : | Not blocked |
| SURBL : | Not blocked |
| Quad9 : | Status unknown |
| AdGuard : | Not blocked |
| Cloudflare : | Blocked |
| ProtonDNS : | Status unknown |
| OpenBLD : | Blocked |
| DNS4EU : | Not blocked |
| Control D HaGeZi : | Not blocked |
| Firstseen: | 2024-02-20 07:12:14 UTC |
| Total malware sites : | 2 |
| Online malware sites : | 0 (0%) |
| Offline Malware sites : | 2 (100%) |
| A record(s) observed : | 9 |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2024-02-21 01:58:12 | 104.21.75.7 | Not listed | AS13335 CLOUDFLARENET | n/a | no | |
| 2024-02-21 01:58:11 | 172.67.166.59 | Not listed | AS13335 CLOUDFLARENET | n/a | no | |
| 2024-02-20 07:12:18 | 188.114.96.3 | Not listed | AS13335 CLOUDFLARENET | n/a | no | |
| 2024-02-20 07:12:18 | 188.114.97.3 | Not listed | AS13335 CLOUDFLARENET | n/a | no | |
| 2024-02-20 13:00:39 | 188.114.96.9 | Not listed | AS13335 CLOUDFLARENET | n/a | no | |
| 2024-02-20 13:00:39 | 188.114.97.9 | Not listed | AS13335 CLOUDFLARENET | n/a | no | |
| 2024-02-20 12:02:36 | 188.114.96.0 | SBL686925 | AS13335 CLOUDFLARENET | n/a | no | |
| 2024-02-20 12:02:36 | 188.114.97.0 | Not listed | AS13335 CLOUDFLARENET | n/a | no | |
| 2024-02-22 11:05:25 | 195.123.233.171 | vds1258292.hosted-by-itldc.com | Not listed | AS204957 GREENFLOID-AS | US | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2024-02-20 07:13:16 | https://merckllc.top/pages/bigzx.exe | Offline | exe NanoCore  rat |  abuse_ch |
| 2024-02-20 07:12:18 | https://merckllc.top/pages/legacyzx.exe | Offline | AgentTesla exe | abuse_ch |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2024-02-20 09:44:43 | 307e36dbfa77c7fe9d4ed5cb61d36a4fada75e7a2db52db3e1df80d222f768d0 | exe | NanoCore | |
| 2024-02-20 09:23:12 | e46d09bf964fc8abfc1bcc2ed4b4aacf0ae3da0687d5a440973c79eea24e88bd | exe | AgentTesla | |
| 2024-02-20 07:13:15 | b54e60c9821848c2ed3555992e7a413738176ceee30700fb264b0cda23b6c541 | exe | NanoCore | |
| 2024-02-20 07:12:18 | f8d2f6125900a4d4381bbe33e1aacd61773713e6118de4ea0ee9beb490ef8c5b | exe | AgentTesla |