URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: reflexmall.com
Domain registrar:Public Domain Registry -
Domain registration date:2021-01-05 07:17:22 UTC
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Control D HaGeZi :Not blocked
Firstseen:2023-05-17 13:06:44 UTC
Total malware sites :2
Online malware sites :0 (0%)
Offline Malware sites :2 (100%)
A record(s) observed :9

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2025-05-02 03:41:11 13.248.169.48a904c694c05102f30.awsglobalaccelerator.comNot listedAS16509 AMAZON-02- USyes
2025-05-02 03:41:11 76.223.54.146a904c694c05102f30.awsglobalaccelerator.comNot listedAS16509 AMAZON-02- USyes
2025-11-22 00:17:42 20.125.28.80Not listedAS8075 MICROSOFT-CORP-MSN-AS-BLOCK- USno
2025-07-14 21:19:22 44.232.173.249ec2-44-232-173-249.us-west-2.compute.amazonaws.comNot listedAS16509 AMAZON-02- USno
2025-07-14 21:19:22 52.40.42.113ec2-52-40-42-113.us-west-2.compute.amazonaws.comNot listedAS16509 AMAZON-02- USno
2025-09-12 12:37:03 166.117.110.61Not listedAS16509 AMAZON-02- USno
2025-09-12 12:37:02 99.83.161.153a2b7bf3398455f345.awsglobalaccelerator.comNot listedAS16509 AMAZON-02- USno
2025-05-14 07:19:36 52.20.84.62ec2-52-20-84-62.compute-1.amazonaws.comNot listedAS14618 AMAZON-AES- USno
2023-05-17 13:06:48 95.217.147.97static.97.147.217.95.clients.your-server.deNot listedAS24940 HETZNER-AS- FIno

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2023-05-31 14:29:13https://reflexmall.com/uala/OfflineBB30 geofenced js Qakbot ext Quakbot ext USA zip Cryptolaemus1
2023-05-17 13:06:48https://reflexmall.com/dreo/?1OfflineBB28 geofenced js Qakbot ext Quakbot ext USA Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2023-05-31 22:44:517bef4296abc4e31dab9382bd364198a39dda6e1840fda0d056fff7c9a3ea9d32zip Quakbot
2023-05-31 20:34:0584eb5b4ddc4dd8c70b499a0305f147ff69c0a573f6926c16f1fdc3fded14482czip Quakbot
2023-05-31 18:44:19c781a7547411ef33f2601664972a7be2973f338bc514c6e5a2df0e2de94839efzip Quakbot
2023-05-31 18:11:2930fd7cdc0a6462152ba2339bab72e8c87ebed26836f03b30be77102fcd758e4azip Quakbot
2023-05-31 15:47:117718a3ebbbfca88fd6ffd2e862d2a082f075ccc6b539f40b0787a09e160278dfzip Quakbot
2023-05-31 14:29:1314ed5a71a472026ddabf1d45a08c77058d0b53af5bd48b422983e8f1d6c9c869zip Quakbot
2023-05-19 18:16:41d7522ab4f64ae0950e24bb00df9157136bbcb900ace0c77bd1a46f06149bf37ajs  
2023-05-19 14:41:33d3c6e06204212c1aeeef29809460056535cba3beca8cf163b7c8719671ef0c9fjs  
2023-05-19 03:16:0751ffefa8a10b6da720a80cec4735fe173669e7c974946e46c8dda908e824d8a4js 
2023-05-19 01:39:041a2e818afb29521c8658d2a0643158af97370d69c32c0bd85cb900bd3e85b0eejs  
2023-05-18 23:55:06bbcdb87a842c5157acea98f0cedd358f764e2613b6a635e4f9f5946de8c07780js  
2023-05-18 22:46:376016f12710a18923ed029eb1dc62882b5f1a032a7424e0169dd8c2228598f59djs  
2023-05-18 18:39:33c74cf0cb7927a8438a84c9cedbdbab3e4815550813336043f39674a67b6a021ajs  
2023-05-18 16:16:15d76b1300fd995ec8def343df0450c11a58a217803fee3749db4afacebc64182ejs  
2023-05-18 14:31:34b862a93a7d9a6cc9845785e59f75bbfdb5a908541fe2f9ac39130c72f62a7119js  
2023-05-18 13:07:27716b277dffdcf3099c8c86e0198ddab7a5d55627de582e5b73e900db63fed67ejs  
2023-05-18 11:48:358fe6b80c39f345411e663560d164edb44cbf0ad7ba4914ba79f02bb403348f27js Quakbot
2023-05-18 08:17:006d5e3d77360658771bba4d35e8dd94a77d30f33a7c30ab86b66e271b54d2a638js Quakbot
2023-05-18 07:27:328a1f226245e5f15e87409d617437e6d102c8267d28d1bdb3f198a89620b090edjs Quakbot
2023-05-18 06:19:48dc7a9209bb0458b585fb71acb0ae6a651d790217507b141df605e7290800960cjs  
2023-05-18 03:51:53fe38571546fce56178ef24eac652a6bdb02adb17817e8381824c1e1039b5f642js Quakbot
2023-05-18 01:43:5024c2f222f6f2809f7c5dda15d789a41d9424dfce3714fe71bed9fbb0e077503ejs Quakbot
2023-05-18 00:53:0573b1e3fe01be0b7a83d8ac43d397530b110d3ece6e3ff93d424b36d0b7336aa8js Quakbot
2023-05-18 00:07:30f33a199b902aff95c3dede5cbfe632298042593120c23bc925987f2dcdcfce53js Quakbot
2023-05-17 22:38:34cfc68b43d74cf7d5fd05920f53d7e80393899308fd60fbcd60c8582770294bc1js Quakbot
2023-05-17 19:55:13621b5cf40077c9b8235e3525da2dea7b28a80029ac3f7ee7477d78c780f4b8c7js Quakbot
2023-05-17 18:21:210107042269a76269dd71d3dc19e72a1759d421cbf33b9758b94f08c93f0989e6js  
2023-05-17 17:03:194a91fb2765da3056fe04bf5254fac9eb72f1fb4f8026845d71ffe672d4daac8cjs Quakbot
2023-05-17 15:29:5853182e2434b52d11490f911c908c6c23755d667fca1a03ac5d4be2cc9b0cd61djs Quakbot
2023-05-17 13:06:48d3174d21c0af8584eb01c73536a3c50de953ccf9c1486afb0e38c63e608d5342js Quakbot