URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	mrfreeman.shop
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2022-12-01 09:35:10 UTC
Total malware sites :	3
Online malware sites :	0 (0%)
Offline Malware sites :	3 (100%)
A record(s) observed :	5

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-06-02 05:08:57	47.76.127.217		Not listed	AS45102 ALIBABA-CN-NET	HK	no
2025-06-02 05:08:57	47.91.170.222		Not listed	AS45102 ALIBABA-CN-NET	HK	no
2025-06-02 05:08:57	8.218.208.240		Not listed	AS45102 ALIBABA-CN-NET	HK	no
2022-12-01 20:47:26	5.206.224.61	lukslab.com	Not listed	AS47674 NETSOLUTIONS	PT	no
2022-12-01 09:35:12	45.8.144.98	milton.example.com	Not listed	AS209847 THE	RU	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-12-02 01:25:13	http://mrfreeman.shop/DgxuGixWrsAdtx/avicapn32.exe	Offline	32 exe LaplasClipper	zbetcheckin
2022-12-02 01:09:10	http://mrfreeman.shop/nppshell32.exe	Offline	32 AsyncRAT exe	zbetcheckin
2022-12-01 09:35:12	http://mrfreeman.shop/DgxuGixWrsAdtx/wevtutil.exe	Offline	exe RedLineStealer SystemBC	vxvault

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2022-12-05 13:01:56	50a156c3f0896574896914d6943e851c81599e03e319d505f327eacc96fa6546	exe
2022-12-05 10:44:41	630c8683a14364d7922574039f48d4c5763db300336b326716385e3c557ac479	exe	LaplasClipper
2022-12-05 10:41:05	e27ac6756cbebfb6679f7f6b8428aa24efca10a089aaf582f14b3b07ef1d044b	exe	RedLineStealer
2022-12-05 09:54:16	fa669ba964bed83adc5ba714c1ad13f3f1458685f1dfb7f15b1153287f918395	exe
2022-12-05 01:56:36	1d374ffd6bca52ab6e3b87864dcc5a14b396266c02e886756f55524a7af47b9d	exe
2022-12-05 01:21:58	22d356755eee957f75b09e389ec629da6988502275bba71cd7f600a53033ba3a	exe	RedLineStealer
2022-12-04 00:20:32	878f26886d0cb4d45c8072e97f10a5406f07ad7163c8dfd2dd61b81a58c85215	exe
2022-12-03 22:42:55	261711de27d5ff2dca6ab8a29d6c71dc2f897b8f9fe93be7f7a499f46e5caad0	exe	AsyncRAT
2022-12-03 22:38:02	01ef194861611da3374baa47765dd98f4133a2317a8cf16674c7f42b45f0cb4e	exe
2022-12-03 22:28:26	0f4bef20f214d4f9b6a5f189201ee69ca330a91accbd8253a15676d86b1aa4c2	exe	SystemBC
2022-12-03 01:44:16	7b6637b2e136f7d7faa5d8a860e7849896ce548a6681840df2adacb23808782d	exe
2022-12-03 01:08:42	3e8e78921c85f9fcf7b053b6e4da0ed7f5a47abb22ebb1fd12c68485df6be9b7	exe
2022-12-03 00:50:28	c0d148914e1c4d73ed16addd530a0cc30a3818bdf7d99eac1643252d8b37cac9	exe
2022-12-03 00:38:43	5371907d2d8f6ca5c4c595f65929fd2b0434d11ba82d7939030a38759367f1df	exe
2022-12-02 01:25:13	d2ca311fbe4e597f29e25b9e1992b796a6fdbf5b3181ee7fc95caac508679c81	exe	LaplasClipper
2022-12-02 01:17:33	e774b64170ea54274f9193e871da0412fa53835451f2f26277d9a474ff1ae7d5	exe	SystemBC
2022-12-02 01:09:10	1cd90a306cb04ddc66545e47d7ca55d2bbc1dc0877d79f0cdfabadedc43f87e7	exe	AsyncRAT
2022-12-01 10:52:50	691de4b62a44a670c721c4015a854c157d73be1bf96e412133b0d1ea7124ae4e	exe	RedLineStealer
2022-12-01 09:35:12	e5e3a8a79f5d94cf3653932e942ce03e02145060328a0c82f0049c5f558b9dd3	exe	SystemBC