URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: phcn.xyz
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Blocked
AdGuard :Blocked
Cloudflare :Blocked
ProtonDNS :Blocked
OpenBLD :Blocked
DNS4EU :Not blocked
Control D HaGeZi :Not blocked
Firstseen:2021-08-12 06:03:03 UTC
Total malware sites :14
Online malware sites :0 (0%)
Offline Malware sites :14 (100%)
A record(s) observed :10

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2025-10-25 11:48:03 13.248.169.48a904c694c05102f30.awsglobalaccelerator.comNot listedAS16509 AMAZON-02- USyes
2025-10-25 11:48:03 76.223.54.146a904c694c05102f30.awsglobalaccelerator.comNot listedAS16509 AMAZON-02- USyes
2025-05-15 21:14:20 199.59.243.228Not listedAS16509 AMAZON-02- USno
2025-04-27 14:09:54 185.199.108.153cdn-185-199-108-153.github.comNot listedAS54113 FASTLY- USno
2025-04-27 14:09:54 185.199.109.153cdn-185-199-109-153.github.comNot listedAS54113 FASTLY- USno
2025-04-27 14:09:54 185.199.110.153cdn-185-199-110-153.github.comNot listedAS54113 FASTLY- USno
2025-04-27 14:09:54 185.199.111.153cdn-185-199-111-153.github.comNot listedAS54113 FASTLY- USno
2021-09-19 23:26:28 104.21.33.228Not listedAS13335 CLOUDFLARENETn/ano
2021-09-19 23:26:28 172.67.193.154Not listedAS13335 CLOUDFLARENETn/ano
2021-08-12 06:03:04 185.239.243.112ns1.20mb.nlNot listedAS212238 CDNEXT- USno

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2021-08-13 15:05:04http://phcn.xyz/arinzezx.exeOffline32 exe SnakeKeylogger ext zbetcheckin
2021-08-13 11:41:06http://phcn.xyz/abdulzx.exeOffline32 exe GuLoader ext zbetcheckin
2021-08-13 11:41:06http://phcn.xyz/makenobodyzx.exeOffline32 exe SnakeKeylogger ext zbetcheckin
2021-08-13 07:29:06http://phcn.xyz/brownzx.exeOfflineAgentTesla ext exe abuse_ch
2021-08-12 19:32:05http://phcn.xyz/wealthzx.exeOffline32 AgentTesla ext exe zbetcheckin
2021-08-12 12:20:04http://phcn.xyz/bigshoezx.exeOffline32 exe SnakeKeylogger ext zbetcheckin
2021-08-12 08:42:08http://phcn.xyz/ejikezx.exeOffline32 exe SnakeKeylogger ext zbetcheckin
2021-08-12 08:42:03http://phcn.xyz/plugmanzx.exeOffline32 exe NanoCore ext zbetcheckin
2021-08-12 08:03:03http://phcn.xyz/bobbyzx.exeOffline32 exe Pony ext zbetcheckin
2021-08-12 07:21:08http://phcn.xyz/mazx.exeOfflineexe Formbook ext abuse_ch
2021-08-12 07:12:04http://phcn.xyz/swagzx.exeOfflineexe Formbook ext abuse_ch
2021-08-12 07:11:06http://phcn.xyz/nwannezx.exeOfflineexe SnakeKeylogger ext abuse_ch
2021-08-12 07:10:03http://phcn.xyz/templezx.exeOfflineexe SnakeKeylogger ext abuse_ch
2021-08-12 06:03:04http://phcn.xyz/assadzx.exeOfflineSnakeKeylogger ext AndreGironda

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2021-08-14 21:00:53f32d5ff5615d85125b9573650524f6c1ad08bb4d607c99160e05e3c926493573exeAgentTesla
2021-08-14 21:00:39db94eea912fa5087e20056419fcdb18c4ef411c436a3e1956082e4833e250f73exeSnakeKeylogger
2021-08-14 20:57:4951bdb523ecd763fe84346fd6f52353c82f420ca6dfe9b9fd43dcb5306418becdexeFormbook
2021-08-13 15:05:04ed38554e6ba513baec1a33967903263d06c6e131fbde04f80e2c315a81c113a2exeSnakeKeylogger
2021-08-13 11:41:06b0476ad99bea620c89a4a582981a14e58dc68ff63d85ec96c26b92773263c485exeSnakeKeylogger
2021-08-13 11:41:0663349f5e1cb7e662593709d14ed76838362d5b81fd3efedf1b7b307f343fe377exeGuLoader
2021-08-13 07:29:06af88a248b62900d44c23599046b0fa91ce187e9d77975a7a9c63ac2f4d2e7705exeAgentTesla
2021-08-13 06:45:00b6ddc9b6cfd9c7fe89df2b6b997b7155f43f27505f3890127ec4e1921ed336a8exeNanoCore
2021-08-13 05:05:38f332af6b1d5bdf611ccca13b210a751c550cb15fc007521eae8f3c837a162f05exeNanoCore
2021-08-12 19:32:051753f2373b77f90cf8c6b94fbe533bdf25ec3415eebd88e5fadbe8bdc1137dabexeAgentTesla
2021-08-12 12:20:043db7acda49978813a627559815f7ed9af54b7eb1a914ad41ed3bddcdc96ebbb6exeSnakeKeylogger
2021-08-12 09:45:4967617f95de4c19d97e4de6934d2b29e02625853fe80a205ff4086c8bb32cd4abexeNanoCore
2021-08-12 08:42:085c48b185c563d651a20fa4c212d08550810f1fd459351ece28509805061b19beexeSnakeKeylogger
2021-08-12 08:03:03221f9234191861597cddd0b7ed46d92f05ec2adf3b077abd29e5c60ead2f9cceexeDownloader.Pony
2021-08-12 07:27:40300255f5b9216ec3e80aeb8d74b644f7b8ec836c56eee077c793ae348514dcc4exeSnakeKeylogger
2021-08-12 07:21:08878730d98ca2b265653a8c94f41fbb35a564fd36453a04c830d7c59a626f633eexeFormbook
2021-08-12 07:12:044b1dcf9d1e2518e912abcee672aadcaed51f1aa435e3dc1b3fb43d047ec24f1eexeFormbook
2021-08-12 07:11:067d6908ae43fb741400ac24a976de03ee6e72a8a306e3fdea805aa4257fb93f1bexeSnakeKeylogger
2021-08-12 06:03:04c8ec3993f019e1eb809a9087b55a63fca50e09670c5e7747f499af35869fdd7bexeSnakeKeylogger