URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	public-ftp.com
Domain registrar:	n/a
Domain registration date:	2024-04-18 08:32:38 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2024-04-18 09:01:05 UTC
Total malware sites :	6
Online malware sites :	0 (0%)
Offline Malware sites :	6 (100%)
A record(s) observed :	37

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2024-05-02 20:09:08	45.143.94.3		Not listed	AS214822 MTFINANCE-AS	RU	no
2024-05-02 07:27:57	78.111.88.62		Not listed	AS208951 AS-ITGLOBALCOM	NL	no
2024-05-01 18:30:45	5.42.94.175	flashy-flowers.aeza.network	Not listed	AS39493 RU-KSTV	RU	no
2024-05-01 18:01:57	91.149.233.195		Not listed	AS26383 ASNET	DE	no
2024-05-01 16:42:46	185.68.93.48	mdarik.example.com	Not listed	AS56577 ASRELINK	RU	no
2024-05-01 06:44:11	78.153.149.131	my12.ip-ptr.tech	SBL640463	AS207713 GIR-AS	RU	no
2024-04-30 20:12:37	78.153.149.126	cite.ip-ptr.tech	SBL640463	AS207713 GIR-AS	RU	no
2024-04-30 13:04:06	31.41.45.0	danixhtiwnqa.example.com	Not listed	AS56577 ASRELINK	RU	no
2024-04-30 12:34:33	141.8.192.252		Not listed	AS35278 SPRINTHOST	RU	no
2024-04-30 12:14:52	193.164.149.241	vds-cl89844.timeweb.ru	Not listed	AS9123 TimeWeb-AS	RU	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2024-04-29 21:01:08	http://public-ftp.com/img/logo6.jpg	Offline	dropped-by-SmokeLoader LummaStealer MarsStealer	spamhaus
2024-04-27 23:01:18	http://public-ftp.com/img/logo5.jpg	Offline	dropped-by-SmokeLoader LummaStealer PureLogStealer	spamhaus
2024-04-24 11:02:15	http://public-ftp.com/img/logo4.jpg	Offline	dcrat dropped-by-SmokeLoader LummaStealer PureLogStealer zgRAT	spamhaus
2024-04-20 11:01:09	http://public-ftp.com/img/logo3.jpg	Offline	dropped-by-SmokeLoader LummaStealer	spamhaus
2024-04-18 16:01:20	http://public-ftp.com/img/logo.jpg	Offline	cutwail dropped-by-SmokeLoader LummaStealer PureLogStealer RedLineStealer	spamhaus
2024-04-18 09:01:10	http://public-ftp.com/img/logo2.jpg	Offline	dropped-by-SmokeLoader LummaStealer	spamhaus

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2024-05-02 09:16:28	ab1686a078433d515b501f5423b3046d6d1f70b2c9be21d2d3bf71b5d8465107	exe	LummaStealer
2024-05-01 17:34:17	ff182e2466a4af2d4f3ca6fc59fd401fe8bce908f6fd30611f3696288ae6f8cd	exe	LummaStealer
2024-05-01 17:06:26	c316ad85dfb8d9dd5bb2b3813651061070f39e43c58485dd3ee114f5b0f97e13	exe	LummaStealer
2024-04-30 12:14:48	b6426c4324151df914b807fe68d0e4f5a15aea3a3082fcb7e4595a4b113f7657	exe	LummaStealer
2024-04-30 10:05:11	97a8cbf52c015225390868a7d95e7a54dbbf7c29a9805783052458b72d92f8dd	exe	Cutwail
2024-04-30 00:56:30	a88d67c5fb8e6c66fc49da74ffec98e6ef60f505dd289a903cbbc232adf97e92	exe
2024-04-29 21:01:08	a8f650461896b4e0b644582141a6c5ea42c07e9b0dfbd199c5d377eb40b929b5	exe	MarsStealer
2024-04-29 18:24:49	a65b290aa9ebfb82746cf75440c19956169f48d7dcbebafde6996c9b46039539	exe	LummaStealer
2024-04-29 17:41:00	b6426c4324151df914b807fe68d0e4f5a15aea3a3082fcb7e4595a4b113f7657	exe	LummaStealer
2024-04-29 17:22:14	c3bea79ec05b068c75b2b0d0f6fb3169d54670b5dbdf84d06a3360ff89b2fef3	exe	LummaStealer
2024-04-29 16:34:18	1f36770f712ddc39232583723f0c43d4f11d680fae143f79a8158d6a0f015702	exe	DCRat
2024-04-29 14:11:52	c92824e4a46135f56d4162ceba5765adf00264cb4305327509371259dfdb7e35	exe	LummaStealer
2024-04-29 12:04:07	878966291372a9633242af15570a8bbe31699b5e0b650e806af4742da1f6b35d	exe	LummaStealer
2024-04-28 22:18:45	a34126ae25d19b56f8dafedc523b2ff1e14f7e8c93496817918a5bb6099acfdc	exe	PureLogStealer
2024-04-28 10:22:29	be9880ef9ccc6b51f6e22e21884bf7092da435c96a072bd9e9515eb88b7c6bd5	exe	zgRAT
2024-04-28 09:48:36	93f357d221fc7f72bec7195e11c8a00b9e128448850a88ca66c8cc95fa47272f	exe	RedLineStealer
2024-04-27 23:01:18	a3d0da10bbcc7c503f5e71ce7184c78a0648333c38333e102887326846e596a3	exe
2024-04-27 22:09:39	8029bb75c733a49efcb6d7f37d65dc29f9cbe8eeedd08ca5d6c4702aa2c803c5	exe	Adware.Generic
2024-04-27 21:28:37	8ea33dfd0e80f75db31401ac0a7402ec254c1f6be6445b3cc87433973b6f3fc2	exe	PureLogStealer
2024-04-27 15:31:28	878966291372a9633242af15570a8bbe31699b5e0b650e806af4742da1f6b35d	exe	LummaStealer
2024-04-26 12:42:51	9e86e4796a51e2cae9487ec086aa2159b65a037808e70a0e7dbaf5a946a8801e	exe	LummaStealer
2024-04-26 00:21:54	d5038b0adfdfc36c23dbaafd982bb50bb0e9fc10838e731e10d182d91b28d970	exe	RedLineStealer
2024-04-24 11:02:15	a319864b27cc93f963d4418f363bc01aecf4d45f77730ac70d619deaad9423b2	exe	PureLogStealer
2024-04-20 11:01:09	d040b1cad2d958a927b1a5552e455a2de58c2379b65050a853f383df9836f5b5	exe	LummaStealer
2024-04-20 08:41:04	95256b28dfb85f1d5bafdec109950775733d4af82acc0512151639695c57e469	exe
2024-04-18 16:01:20	9e86e4796a51e2cae9487ec086aa2159b65a037808e70a0e7dbaf5a946a8801e	exe	LummaStealer
2024-04-18 09:01:09	acab94050ce3e61fb227467c5b3c1cf22bc2956fa81399f68876bc4236458d4f	exe	LummaStealer