URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	rafts.top
Domain registrar:	Namecheap
Domain registration date:	2025-02-14 14:23:06 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2025-09-18 07:22:06 UTC
Total malware sites :	4
Online malware sites :	0 (0%)
Offline Malware sites :	4 (100%)
A record(s) observed :	1

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-09-18 07:22:10	158.94.208.185		SBL686264	AS214943 RAILNET	DE	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2025-10-11 18:22:06	http://rafts.top/WXX.exe	Offline		vovaan
2025-10-11 18:22:06	https://rafts.top/HVC.exe	Offline	exe	vovaan
2025-09-18 07:23:07	http://rafts.top/HVC.exe	Offline	a310Logger exe	abuse_ch
2025-09-18 07:22:10	http://rafts.top/MMM.exe	Offline	a310Logger exe	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2025-09-18 07:23:07	72c644728850c6741c033d774ec5f1076faf5feaccca17b80b7f3f7817331566	exe		a310Logger
2025-09-18 07:22:09	da3f6cf27a03bd8e7463774e60dceea1aef6f1001e6450e66c2732c7bed3d092	exe		a310Logger