URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	niancr.world
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2023-03-07 16:48:03 UTC
Total malware sites :	1
A record(s) observed :	2

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2023-03-07 16:49:06	104.21.35.233		Not listed	AS13335 CLOUDFLARENET	n/a	no
2023-03-07 16:49:06	172.67.180.171		Not listed	AS13335 CLOUDFLARENET	n/a	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2023-03-07 16:49:06	https://niancr.world/java/centos/33940/10032b.exe	Offline	Amadey dropped-by-PrivateLoader RedLine RedLineStealer	andretavare5

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2023-03-09 08:40:41	e79f6b647f3dea75b425804ecdcd7e42c966a7168cf47228b94c252da7eee4a6	exe	RedLineStealer
2023-03-09 06:18:02	89f41404ab215bf17a4bcc91d16a45521b7b9ef84ea4a0415fb650048bee6590	exe	Amadey
2023-03-09 05:22:28	6307345617eee657d55b05d3b9696a8569220f16eb6d4a2092eb07bc25cf00f4	exe	RedLineStealer
2023-03-09 03:22:16	412e681eb695cc92d63a15d08040aba1eb2d64a7e16b829aedde95eba9e793af	exe	RedLineStealer
2023-03-09 01:45:44	ff1f02ee600cec6dae576aaeebd75f8f8c696753eb56a916603cc8e1dd8f9c54	exe	RedLineStealer
2023-03-09 00:44:06	89b79d34567c98670363e66c8ff39b3b076693553744ed122e28143b0b0b0c79	exe	RedLineStealer
2023-03-08 22:39:04	80fdacf20dafe660e7ea195411ad2595860259cd140f93e1376d04932d9a9765	exe	RedLineStealer
2023-03-08 21:13:38	3a1e6d5f76e8d2cc7c78dabeb6bfbffc298324fa712a55d137a1e095f762dacd	exe	Amadey
2023-03-08 19:13:49	7c98bc665b12e5b4602947e7f6eab31e12497516e2888e0edbd7c6e9dfd3ec49	exe	RedLineStealer
2023-03-08 17:35:47	d479fbc3b01161bcdbfa1a314df42b29947ba1c115139aa93cb03997f4deb864	exe	Amadey
2023-03-08 16:30:36	a12518fcdbf4356e37cb65eed176d260f460dd66cd0ff2ac5f22fcd90bad8868	exe	RedLineStealer
2023-03-08 15:20:26	564a9dd018dc5d85c1e8406409196f91184ae2ef342115733c7a666eabf44567	exe	RedLineStealer
2023-03-08 14:21:01	012246d33d0db647d7d358792ca9610d561f0cfdbb7b173966842d93ad4af725	exe	RedLineStealer
2023-03-08 12:11:04	84acf5932e36ea7bb2c94b9c634c5b34b5564ec881596ce0efae3a9066301eae	exe	RedLineStealer
2023-03-08 09:15:06	073cfa9c393ec523939794ed92996a25d4693a936db98eefa17744a44946eb70	exe	RedLineStealer
2023-03-08 08:29:47	fb355965642d20a78b7a471b60f0d6e2ec1f6ed6ec3560665244c57a506cd38d	exe	RedLineStealer
2023-03-08 05:44:55	fceb3b6d7ea0f7d13e45f8aad5f61490f8ab9b095b1a5872aa370fec58b03715	exe	Amadey
2023-03-08 03:44:52	e59ca3b68b66ebc9e0a7e47c38dbce2a1f1de6a48d9c151f4e1c3072d7da428c	exe	RedLineStealer
2023-03-08 02:24:58	40f45b29f62c96640b2a63dd7ac82af790691772ee6de48e46a243e78ee428bf	exe	RedLineStealer
2023-03-08 00:52:01	e6c6569a66256fc40bcbc3ded95a27998f5d1b0387f91099e9e97cdad4bdeecd	exe	Amadey
2023-03-07 23:58:52	a7a9f5effd1031c48c4abf0eabda7a776945b6f41eeaec5a009a305ca000a44d	exe	Amadey
2023-03-07 22:50:13	da67b579a79711316bea01386826c26dd956ce8cf31695d7391a243a7588143a	exe	RedLineStealer
2023-03-07 20:20:39	a2d2e85551546b62fa238f23860cff382bcb3dfaff891d070105a01ba5c15626	exe	Amadey
2023-03-07 18:49:25	f0ec980108157002c8ca92507a2caa1f9a2cfa548959c7b1a2533ab7030966ee	exe	RedLineStealer
2023-03-07 16:49:06	f400e7797e267ecf94f95740aff8b443ff77f47f5bf434ad9c301bce119c5641	exe	RedLineStealer