URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	pack-retrait.com
Domain registrar:	n/a
Domain registration date:	2025-07-28 12:33:09 UTC
Spamhaus DBL :	Phishing domain
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Status unknown
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2025-10-24 20:11:05 UTC
Total malware sites :	13
Online malware sites :	0 (0%)
Offline Malware sites :	13 (100%)
A record(s) observed :	1

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-10-24 20:11:11	213.209.143.41		SBL675855	AS214943 RAILNET	DE	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2025-10-24 20:12:47	http://pack-retrait.com/sh	Offline	botnetdomain mirai opendir	DaveLikesMalwre
2025-10-24 20:12:40	http://pack-retrait.com/kvariant.m68k	Offline	botnetdomain mirai opendir	DaveLikesMalwre
2025-10-24 20:12:37	http://pack-retrait.com/kvariant.ppc	Offline	botnetdomain mirai opendir	DaveLikesMalwre
2025-10-24 20:12:35	http://pack-retrait.com/kvariant.mips	Offline	botnetdomain mirai opendir	DaveLikesMalwre
2025-10-24 20:12:30	http://pack-retrait.com/kvariant.mpsl	Offline	botnetdomain mirai opendir	DaveLikesMalwre
2025-10-24 20:12:10	http://pack-retrait.com/kvariant.arm5	Offline	botnetdomain mirai opendir	DaveLikesMalwre
2025-10-24 20:12:04	http://pack-retrait.com/kvariant.spc	Offline	botnetdomain mirai opendir	DaveLikesMalwre
2025-10-24 20:12:03	http://pack-retrait.com/kvariant.arm6	Offline	botnetdomain mirai opendir	DaveLikesMalwre
2025-10-24 20:11:57	http://pack-retrait.com/kvariant.arm	Offline	botnetdomain mirai opendir	DaveLikesMalwre
2025-10-24 20:11:56	http://pack-retrait.com/kvariant.arm7	Offline	botnetdomain mirai opendir	DaveLikesMalwre
2025-10-24 20:11:42	http://pack-retrait.com/kvariant.x86	Offline	botnetdomain mirai opendir	DaveLikesMalwre
2025-10-24 20:11:38	http://pack-retrait.com/kvariant.sh4	Offline	botnetdomain mirai opendir	DaveLikesMalwre
2025-10-24 20:11:11	http://pack-retrait.com/kvariant.arc	Offline	botnetdomain mirai opendir	DaveLikesMalwre

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2025-10-25 04:56:55	4754ba2c70304caf0d09a485b29000913fac3b9d816a2f38489bb274fc6ea043	elf	Mirai
2025-10-25 04:17:10	97ecf7b9e0feedda7b49164d1db3bc6f500cb3d366d4101da7a867de6ece9361	elf	Mirai
2025-10-25 00:26:33	022c535e865b386302143eadf303b2bb39a6d126854b3639094e52612db0a882	elf	Mirai
2025-10-25 00:23:44	e2d60f9aed3575e03db2d6738f665546759f50a2e2d3155bdcfc612408672c59	elf	Mirai
2025-10-25 00:20:48	1f17516ddbff2132ca999cf8c6300950c02087e55aa7504be39e3980569a998e	elf	Mirai
2025-10-24 23:36:22	eb641b986f160fed6cc19247a32722c08939a7f8a67dcb75ea42cc46e315e688	elf	Mirai
2025-10-24 23:35:38	24d321e4de758896d9c1f828cb87d28a1af67f9fa2995ab11fa5f1f2d3413d44	elf	Mirai
2025-10-24 23:30:37	9f1bcd1653c40554cae8571e7ef28527bae29e1ebb75b17f1a764838eb5ded50	elf	Mirai
2025-10-24 20:12:47	ba753bfe68956aa2969797f8bd2b09adae91fa783f39a34e912c41410fe43134	sh	Mirai
2025-10-24 20:12:40	2acc0e2ba7ff735360a91589dd06a10a24a8d7020626b712711e2edca91fed6c	elf	Mirai
2025-10-24 20:12:37	8ee4cb9031cabed69d605f63acdbee54180c2bd06ba56edaba58d794b7f310a7	elf	Mirai
2025-10-24 20:12:34	eea0c5bf3c809a9ce2deabe1077a8821cf9ddcb96781bdbabd90d0ea2aa55541	elf	Mirai
2025-10-24 20:12:30	e823ba611f4bdc25b59fb165ea4f97e063196230e9da4b67e9e44a4e8cb6bf38	elf	Mirai
2025-10-24 20:12:10	fd52a0b9e37a818efb007e0d7217e72e1a66e59697f502ad17bdbc24b88c15ff	elf	Mirai
2025-10-24 20:12:04	9b2bbfdf17f12ba11bc7cf4e2ce0e5ba946bcbf0e77a750333f41d3e8a886757	elf	Mirai
2025-10-24 20:12:03	9d7de2b6a69e05a07c6570cff0689c52e4b484ff13c28df1c55dbdd7607437f5	elf	Mirai
2025-10-24 20:11:57	c023c22e37140dc267cd698ea17d4427fcbe246d0e23f83b6c1a3d79c5897403	elf	Mirai
2025-10-24 20:11:55	fd4d88108764849a402229e2da85649d8eeb1aa960ae87a7fc7387812689a3d5	elf	Mirai
2025-10-24 20:11:41	450be18635c16c15c17c49153e16b48b737da59bec633bc25e8474483e43e9d0	elf	Mirai
2025-10-24 20:11:37	d1990c2f56885e156261e8f9b1353b22e8df226b528c5ee87954296a0a9f8d69	elf	Mirai
2025-10-24 20:11:10	58cae915588b61d8632a3ce012ea87088876fb9581e691acc2317a39b63710fc	elf	Mirai