URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: qadir.tickfa.ir
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Control D HaGeZi :Not blocked
Firstseen:2021-02-23 16:07:03 UTC
Total malware sites :7
Online malware sites :0 (0%)
Offline Malware sites :7 (100%)
A record(s) observed :1

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2021-02-23 16:07:05 188.253.2.221tickfa.irNot listedAS62048 ACAI- AUyes

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2021-02-25 13:51:05http://qadir.tickfa.ir/ID3/raww-crypt.jpgOfflineexe zbetcheckin
2021-02-25 13:50:06http://qadir.tickfa.ir/ID3/IMG_Scanned_0339.jpgOfflineexe Formbook ext zbetcheckin
2021-02-25 13:50:06http://qadir.tickfa.ir/ID3/IMG_0273_Scanned.jpgOfflineexe SnakeKeylogger ext zbetcheckin
2021-02-25 10:53:06http://qadir.tickfa.ir/I4/RF_IMG_7510.jpgOfflineAgentTesla ext exe abuse_ch
2021-02-25 10:53:06http://qadir.tickfa.ir/ID3/ZkKfnBXzyAM9ArT.jpgOfflineexe rat RemcosRAT ext abuse_ch
2021-02-23 16:07:07http://qadir.tickfa.ir/ID3/IMG_0352_Scanned.jpgOfflineexe SnakeKeylogger ext abuse_ch
2021-02-23 16:07:05http://qadir.tickfa.ir/ID3/IMG_57109_Scanned.jpgOfflineexe SnakeKeylogger ext abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2021-05-16 12:33:293d2c536a141d872434bbe74c0590f5e148bd9d19f1896bcd47561f242845bf9bexe  
2021-05-15 16:55:19a300e776d295300530a2b1a3337c5c1a2f2f6189986a11105a6e8635c53060d7exe 
2021-05-14 05:42:345db71d1145c994d51893def9ef50a8c625dea282fe1162f4692d0ea5863db40fexeSnakeKeylogger
2021-05-14 04:30:18f37f0ec65cce902cd72e475256e14eeb8af5321dd212416202faa159015c89b4exeSnakeKeylogger
2021-05-12 11:23:035c859bc3ded07b2e011fe5e8b90ad8d743acc61b67df3e6effe4442740406ed7exeAgentTesla
2021-05-06 18:08:409f23f57e841220348901e85fef4117ecdea509ece927104b235b57ccb9453146exe  
2021-05-06 12:49:034efe3982ed0fe6a4190cc1acd45542605882230c659908caf3d06c600abc3dfdexeFormbook
2021-05-05 23:30:34739ca6c19dc99355e9dc717d4bd48a693103ab7b3f18c1ece86960f816b84d3aexeFormbook
2021-05-05 21:00:41d083795015b6216c6cb22455dcf79bb9fccef45bdbdf58413f82795897aa75e5exe 
2021-05-05 17:51:11eae01f0c0608b020e8d21c5463651710310a78c3b40107d77276636ecdfca8e1exe  
2021-03-02 06:07:43d8ee033fd7412aab1bb71f667581f6c197f6ccd114ec6d6979c7b79ad28aac55exe 
2021-02-25 13:51:0544e0cbb71f45ffa77eecd718ba1bba3362da2b7d1ef260474a39d143acd65260exeRevCodeRAT
2021-02-25 13:50:06c4ecf783cb909d0371e5f6befd9a8abb616f37f75ef1cbb030613539a864ba85exeFormbook
2021-02-25 13:50:0644b78526b1f36229b220443c428ad6f6d6c9ce9f36cdbe77eaeeb22487ae7f2bexeSnakeKeylogger
2021-02-25 10:53:06b46e6c9e8689b4e186b8c6bebbd4000f874b7f68737b72d7408f0943c77b42b6exeRemcosRAT
2021-02-25 10:53:063d652eb897291f8eb2fe8f9374007388b0cd426a797de77545b82a325dde762aexeAgentTesla
2021-02-23 16:07:05d94a4a6168a3ac40c2ea8e5c387f49eff603121da76a0ac80f0e63c73cb16e0cexeSnakeKeylogger
2021-02-23 16:07:057655e3c652f82270892b4505044f6e404cf49a61193f3894cacd24e6843611ccexeSnakeKeylogger