URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	protestlabsmovings.es
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Status unknown
Cloudflare :	Blocked
ProtonDNS :	Status unknown
OpenBLD :	Blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2019-11-10 11:18:02 UTC
Total malware sites :	4
Online malware sites :	0 (0%)
Offline Malware sites :	4 (100%)
A record(s) observed :	10

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2020-07-16 11:20:15	104.223.143.70		Not listed	AS16509 AMAZON-02	US	no
2020-07-10 01:16:07	67.43.239.171		Not listed	AS36666 GTCOMM	CA	no
2020-07-07 11:33:30	185.189.112.191		Not listed	AS9009 M247	DE	no
2020-06-30 20:19:32	104.223.143.93		Not listed	AS16509 AMAZON-02	US	no
2020-06-02 15:16:49	46.21.147.175	46-21-147-175.static.hvvc.us	Not listed	AS29802 HVC-AS	NL	no
2020-05-11 15:35:12	45.14.112.101		Not listed	AS3170 VELOXSERV	GB	no
2020-01-21 17:49:49	104.223.170.113		Not listed	AS16509 AMAZON-02	US	no
2019-11-29 18:01:40	104.148.41.60		Not listed	AS16509 AMAZON-02	US	no
2019-11-23 18:50:05	104.148.41.16		Not listed	AS16509 AMAZON-02	US	no
2019-11-10 11:18:09	213.108.198.204		Not listed	AS216475 nktelecom	DE	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2020-07-10 16:55:09	https://protestlabsmovings.es/rukop/wnrCLqWI1j9...	Offline	AgentTesla exe	abuse_ch
2020-06-30 20:19:32	https://protestlabsmovings.es/domry/LIjJHBNFy.exe	Offline	exe Loki	abuse_ch
2020-05-11 15:35:12	https://protestlabsmovings.es/trilp/build_QaDIy...	Offline	encrypted GuLoader Loki	abuse_ch
2019-11-10 11:18:09	http://protestlabsmovings.es/mgbohy/Frityp.exe	Offline	exe Loki	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2020-07-11 15:58:16	912861dd71bda93e31e1e703f29d73eef374d3ef24bc4170d21132f088884d92	exe	AgentTesla
2020-07-11 07:17:22	a3009b66e611127884db7d845017ace8c556820e757e97993abc312b62a11ecd	exe	AgentTesla
2020-07-10 18:43:05	28b754fa7438d0186ad750f74e6ad182e11d8aa5f6566793ac73b393a4b30276	exe	AgentTesla
2020-07-10 16:55:09	160e88f42b6a24d4a995142e7e6288f44bf85fbf1afcc0dd9ff4931bd9bc82f2	exe	AgentTesla
2020-07-02 01:51:15	7afb56dd48565c3c9804f683c80ef47e5333f847f2d3211ec11ed13ad36061e1	exe
2020-07-02 00:16:42	55388e13d65ddcd067ba248d76628b6ebbdb1a51fbcef36589d11604fb3a0e54	exe	Loki
2020-07-01 18:55:25	1df4c75f2c8119a401b59d5954a031c0af8490764a7127dcd02185b27154162c	exe	Loki
2020-07-01 16:20:32	1feb6a5f318bf4076cd084cd271d697491cb897e1ab91d397d7f08f66d2e1799	exe	Loki
2020-07-01 15:37:52	1f39849a2b65f4a84501e900aa8226f4ab93f89a51203640a77c6c33cb470589	exe	Loki
2020-07-01 14:44:16	69f1c09a3db83dae38ff8fb5f323689ac245b2bde06133d49d33d1e05ada8b7f	exe	Loki
2020-07-01 14:34:16	e4aa32ccbd12c96a8f49039a2e2e7395089a0cb9a524ba38dc33f8066275482c	exe	Loki
2020-07-01 12:39:30	d1a78264bce1e629719b047552173eb7b6a4805b2cf1d92de0231d7762dbc224	exe	Loki
2020-07-01 11:18:20	551d0cab361858a7aabce4f156aba860a3e40a4a17962a0b5b822402b37b4305	exe	Loki
2020-07-01 09:25:27	f1ff4a8c0b69b04ac52186300cc66f5c122ab87ff70d757211ccc049013299e4	exe	Loki
2020-07-01 06:56:29	2c249db68985414c6d06f92cc5b113657fe7f3b6f647a7119147bd8fbbf95f82	exe	Loki
2020-07-01 00:05:48	950afdfc712687ef06676b890a73936fecf980e947f9f2f0d36ea89dc6b3f40c	exe	Loki
2020-06-30 23:30:41	ff9ebbc66b229b2170d67b4475d64d0eba2a6c01ff8ad155299985d32149e2e1	exe	Loki
2020-06-30 21:12:40	31b2092367fc66eddbde56095bed49cc271d7a6e388b1f70951bd27cc4fa3c9a	exe	Loki
2020-06-30 20:19:31	06384ff303fadeb1b7f8a3eb85b996cdb4e738f30397e927da65204649056e8d	exe	Loki
2020-05-11 15:35:12	d2e017d1088f12a5c841f7eb20c743965f3cd6f8d9cb06b39e05fe4f6eab3a0a	unknown
2019-11-11 19:41:33	4bd34301092b32567930a690b77b2341cc4e48be131f735098987be62fbd5428	exe	Loki
2019-11-11 16:24:22	dbb13b8375f032e1549bc5469f261076439822fd2967921cffea3ac25f65354b	exe	Loki
2019-11-11 13:25:31	76f5382294619ddf7df60b12e706dead2fa1d2988b2721488848d6b31f7a32c1	exe	Loki
2019-11-11 00:12:12	1024baeefe54ba599f925f49fa7a19470bef896cd9ae894c1f721b7d78f3715b	exe	Loki
2019-11-10 20:18:33	eae4a6a3711cb56d463dd0990dbd69948e61bfcae5aadfbf9cadb9489f8f96c2	exe	Loki
2019-11-10 18:14:31	2e4792c7f5d828e310ce9cf2b7446e137d4033339a38fd15409bdbdf9cd0decb	exe	Loki
2019-11-10 16:52:47	fd7bf26f625259baa40c0ffaf193eba0f72c01e99a83b752b8546a231dd8d548	exe
2019-11-10 16:15:24	acb2866a268a1814d9e67da6b151e494ffa21498b3b37d57d0bb8ad7c525ee94	exe	Loki
2019-11-10 13:35:33	82a8653192b32aa5215458ed3518e3ef38c022de0c0c91119d22c73f184a592a	exe	Loki
2019-11-10 12:37:26	e1189905a962cbfbbd4e5d0e69a0cd7a12cdf1b47608e95899103a98675efa10	exe	Loki
2019-11-10 11:18:07	2b8895004f21ae10dd35787385807ea83303eb8730f4a6375f159a7788bef7bc	exe	Loki