URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: remdefrem.duckdns.org
Domain registrar:Gandi -
Domain registration date:2013-04-12 19:58:56 UTC
Abuse complaint sent?: Yes (2025-09-18 23:27:02 UTC to abuse{at}duckdns[dot]org)
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Blocked
ProtonDNS :Status unknown
OpenBLD :Blocked
DNS4EU :Blocked
Control D HaGeZi :Not blocked
Firstseen:2025-09-18 23:26:05 UTC
Total malware sites :6
Online malware sites :0 (0%)
Offline Malware sites :6 (100%)
A record(s) observed :9

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2025-10-30 15:18:32 186.169.69.76Not listedAS3816 COLOMBIA_TELECOMUNICACIONES_S.A._ESP_BIC- COyes
2025-10-14 15:50:19 186.169.46.112Not listedAS3816 COLOMBIA_TELECOMUNICACIONES_S.A._ESP_BIC- COno
2025-10-06 15:19:35 186.169.76.187Not listedAS3816 COLOMBIA_TELECOMUNICACIONES_S.A._ESP_BIC- COno
2025-10-04 02:41:21 186.169.89.1Not listedAS3816 COLOMBIA_TELECOMUNICACIONES_S.A._ESP_BIC- COno
2025-10-02 14:58:32 190.255.89.251Not listedAS3816 COLOMBIA_TELECOMUNICACIONES_S.A._ESP_BIC- COno
2025-09-29 15:41:20 190.255.90.124Not listedAS3816 COLOMBIA_TELECOMUNICACIONES_S.A._ESP_BIC- COno
2025-09-22 15:27:55 186.169.60.81Not listedAS3816 COLOMBIA_TELECOMUNICACIONES_S.A._ESP_BIC- COno
2025-09-19 15:44:18 186.169.69.39Not listedAS3816 COLOMBIA_TELECOMUNICACIONES_S.A._ESP_BIC- COno
2025-09-18 23:26:11 186.169.82.76Not listedAS3816 COLOMBIA_TELECOMUNICACIONES_S.A._ESP_BIC- COno

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2025-10-04 02:41:25http://remdefrem.duckdns.org/pchichi.txtOfflinehuntio opendir rev-base64-loader Riordz
2025-10-04 02:41:22http://remdefrem.duckdns.org/dllchichi.txtOfflinebase64-loader huntio opendir Riordz
2025-09-18 23:26:13http://remdefrem.duckdns.org/x31agosto.vbsOfflinexworm BlinkzSec
2025-09-18 23:26:11http://remdefrem.duckdns.org/andre.vbsOfflineRemcosRAT ext BlinkzSec
2025-09-18 23:26:11http://remdefrem.duckdns.org/sostener.vbsOfflineRemcosRAT ext BlinkzSec
2025-09-18 23:26:11http://remdefrem.duckdns.org/31agosto.vbsOfflineRemcosRAT ext BlinkzSec

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2025-11-11 23:44:2407ff969de6708f67279704fffc22e4f903befdf92fb7e12b9a14489b18838ff4txt  
2025-11-11 23:20:5207ff969de6708f67279704fffc22e4f903befdf92fb7e12b9a14489b18838ff4txt  
2025-11-10 19:36:29cb0ec11df5fb97d727bea30c9d207c70cb6508e3159b2a9d9dad062d39d78750txt  
2025-11-07 16:25:32613eeafd890461b83c122f46212263b2698413aacd117a07916883bff710d4d8txt RemcosRAT
2025-11-06 19:40:21613eeafd890461b83c122f46212263b2698413aacd117a07916883bff710d4d8txt RemcosRAT
2025-11-06 02:20:57e2ae3121af3fd9874ba17612b0c012ca1962dfd918cc1d479384dad7bf469c64txt RemcosRAT
2025-11-05 17:55:52cdf18dce59da13a347c6d2d60a0bf6190228b46e595863308769a1cb34ca5fd0txt RemcosRAT
2025-11-01 00:05:4371fc5b649c4ca8ada3d1b6cfdcc52337504238fcc4a705d967f6a4e54b49d4d5txt  
2025-10-29 23:32:1009106cfe70aef62ac9c44088a6f3522fb9fa3868e5a2bdc331c4fb0b5bf84e4etxt  
2025-10-28 00:22:09859de7f0b61c2ce5e61b9737583fb72a80b0219c13c200a2d0de3e0da7f38307txtRemcosRAT
2025-10-27 17:35:37f49e6e84c10ffdd05fcd7f49c6616f25f9385710009bc3dab7cc35bb212676d0txt RemcosRAT
2025-10-27 16:57:552612e4114bd164430b644d83bfc3f3ad50b160a245af5c9e30d5f96de84c8ff2txt RemcosRAT
2025-10-27 16:15:17f49e6e84c10ffdd05fcd7f49c6616f25f9385710009bc3dab7cc35bb212676d0txt RemcosRAT
2025-10-25 00:06:3129258ce3918dd64f9c36bcec4d356f3b3c7b58b90141d8b14d35d94c42d79be4txt RemcosRAT
2025-10-24 17:48:4879cb8e37238bd08ef54dd85c868a7b7b5062d3275820a9b541ac5219e2f78ccbtxt RemcosRAT
2025-10-23 10:10:02c884f32c87fc6ad239d98d00c37a8eb1cad4a38abb2d7e7bc6575339b7ba01datxt 
2025-10-23 06:56:507b7471de1ffb467bcabc40ed0d2bf08f0a255bb3c0f4f2e7babf0540d7ed99f5txt 
2025-10-20 14:40:03b835e4e06da50e5f51090c7a7e942d77c0b0f72a2e4ec73adb1c4f92e0de9955txt RemcosRAT
2025-10-18 15:38:32975ff4a35f09c1ad65fa8160461bcd679ef2ad921120ef1f11d9e5571ef414c5txt  
2025-10-18 05:47:29975ff4a35f09c1ad65fa8160461bcd679ef2ad921120ef1f11d9e5571ef414c5txt  
2025-10-08 21:46:30540ec378cbd516ca43ee050f1cde867abee50480e3b33bb216af9dd4b98cf1f4txt RemcosRAT
2025-10-04 02:41:255c53700dd0af623314c44fb4d22e250766bd3f57ad86be0c15f2536c44339c5dtxt  
2025-10-04 02:41:213c803751fb9d3b5c1a692674832792ab921752b389f7cf2015097a001194d981txt  
2025-09-27 19:39:557aab9283bc3a6e6bdf97fa60443aa9f9a7555ab11f1d284e37506bc0f7fb63fbtxt  
2025-09-26 03:28:377aab9283bc3a6e6bdf97fa60443aa9f9a7555ab11f1d284e37506bc0f7fb63fbtxt  
2025-09-23 22:12:23029a67953833635a2dd1ce8b836d312737ad032b4068e5c7417192544f336c60txtRemcosRAT
2025-09-23 03:35:59a7eb441904f6313210106340e8313e7a07a499365058424422b35b98921ff418txt  
2025-09-21 09:56:1247e114233db43a7fe2a41d141e30b838ba103ff13c3f6173c92b287c90317ad8txt  
2025-09-21 04:03:5447e114233db43a7fe2a41d141e30b838ba103ff13c3f6173c92b287c90317ad8txt  
2025-09-20 09:59:518a16ca84f43f9b9830f8fbd05b931d0c858e1158a5a1b8511d3b9a4c982217c1txt  
2025-09-18 23:26:13c0be33068b69f05dec7c85ba41b9ed08ae5e665213a61bb2022cafb9885873a5txtXWorm
2025-09-18 23:26:113d1d6889d78f16a9a5f912a3e6d2461870ea2ae282a3990146439198cfa20e54txtRemcosRAT
2025-09-18 23:26:11b62793039aad5767efff78f417b229fa730babc94cc3a77dd20eabc21d3913aftxt 
2025-09-18 23:26:11b62793039aad5767efff78f417b229fa730babc94cc3a77dd20eabc21d3913aftxt