URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	oscartordoya.com
Domain registrar:	GoDaddy
Domain registration date:	2019-01-02 13:26:33 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2021-11-27 08:21:03 UTC
Total malware sites :	6
Online malware sites :	0 (0%)
Offline Malware sites :	6 (100%)
A record(s) observed :	7

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-09-28 18:04:51	173.236.198.158	apache2-sith.iad1-shared-e1-12.dreamhost.com	Not listed	AS26347 DREAMHOST-AS	US	yes
2025-04-27 18:26:40	13.248.213.45	a67c48129651a0940.awsglobalaccelerator.com	Not listed	AS16509 AMAZON-02	US	no
2025-04-27 18:26:40	76.223.67.189	a67c48129651a0940.awsglobalaccelerator.com	Not listed	AS16509 AMAZON-02	US	no
2022-04-01 00:51:08	103.224.212.222	lb-212-222.above.com	Not listed	AS133618 TRELLIAN-AS-AP	AU	no
2022-01-07 15:02:45	34.98.99.30	30.99.98.34.bc.googleusercontent.com	Not listed	AS396982 GOOGLE-CLOUD-PLATFORM	US	no
2021-11-27 08:21:06	50.31.176.38	single-7051.banahosting.com	Not listed	AS23352 SERVERCENTRAL	US	no
2022-03-31 17:47:09	103.224.182.250	lb-182-250.above.com	Not listed	AS133618 TRELLIAN-AS-AP	US	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-01-02 03:45:11	http://oscartordoya.com/neon.exe	Offline	exe RaccoonStealer	zbetcheckin
2022-01-02 03:45:10	http://oscartordoya.com/labss.exe	Offline	exe RedLineStealer	zbetcheckin
2022-01-02 00:20:16	http://oscartordoya.com/good.exe	Offline	RedLineStealer	Anonymous
2022-01-02 00:20:15	http://oscartordoya.com/sperr.exe	Offline	RedLineStealer	Anonymous
2021-12-04 10:15:05	http://oscartordoya.com/ruzki.exe	Offline	exe RedLineStealer	abuse_ch
2021-11-27 08:21:06	http://oscartordoya.com/wp-content/gosetup.exe	Offline	exe RaccoonStealer	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2022-01-02 03:45:11	13aa65d9723d2053dde5c53169586f0d2f4bb7d7365fac1018966c84900db17a	exe		RaccoonStealer
2022-01-02 03:45:10	e1f299af70f9732437f7b8e103f0af0681f1382f0b6ea64a7f7e1489206517dc	exe		RedLineStealer
2022-01-02 00:20:16	b473aa2e24b0c9a7c0e02a56553b1cb836985caeb4f9e52403019786fe4085e3	exe		RedLineStealer
2022-01-02 00:20:15	97cf766bdab271526be2ebb1cc1a71575a3dd68d4c5813976592fc45968aa30e	exe		RedLineStealer
2021-12-04 10:15:05	2cf6a392704eb1ede9545577028283a714d4abd1b53318ca11b3075dee799813	exe		RedLineStealer
2021-11-27 08:21:05	9684510f52cb986f32e2c3c9f9590b8dafb9786ca42d35586d353a7733b77fba	exe		RaccoonStealer