URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2024-06-06 15:33:14	104.26.2.16		Not listed	AS13335 CLOUDFLARENET	n/a	yes
2024-06-06 15:33:05	104.26.3.16		Not listed	AS13335 CLOUDFLARENET	n/a	yes
2024-06-06 15:33:10	172.67.75.40		Not listed	AS13335 CLOUDFLARENET	n/a	yes
2024-03-15 07:52:07	188.114.96.3		SBL690066	AS13335 CLOUDFLARENET	n/a	no
2024-03-15 07:52:07	188.114.97.3		Not listed	AS13335 CLOUDFLARENET	n/a	no
2023-10-23 21:47:57	164.132.58.105	vps-c3e1e24a.vps.ovh.net	Not listed	AS16276 OVH	FR	no
2023-08-21 07:10:10	198.251.88.130	rentry.co	Not listed	AS53667 PONYNET	LU	no
2022-03-26 19:32:44	107.189.8.5	exit-node1.tor-for-privacy.com	Not listed	AS53667 PONYNET	LU	no
2021-04-21 08:59:04	51.158.178.115	115-178-158-51.instances.scw.cloud	Not listed	AS12876 AS12876	NL	no
2019-11-18 09:26:04	51.15.40.85	85-40-15-51.instances.scw.cloud	Not listed	AS12876 AS12876	NL	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2024-10-29 07:52:06	https://rentry.co/dyz665rb/raw	Offline	Amadey	abus3reports
2024-10-26 08:12:05	https://rentry.co/55nqefb2/raw	Offline		abus3reports
2024-10-19 10:50:12	https://rentry.co/7m465bkf/raw	Offline	Amadey	abus3reports
2024-10-03 18:57:04	https://rentry.co/etw4kxaq/raw	Offline		Gi7w0rm
2024-09-25 15:04:03	https://rentry.co/dasd5zzb/raw	Offline	ps1	NDA0E
2024-09-21 06:19:05	https://rentry.co/mb5grod8/raw	Offline		Anonymous
2024-08-10 10:17:04	https://rentry.co/c969otqb/raw	Offline		abus3reports
2024-08-10 09:51:04	https://rentry.co/vbiyvsof/raw	Offline	injection zip	abus3reports
2024-07-27 13:24:05	https://rentry.co/microgods/raw	Offline	dllHijack LummaStealer ps1 shellcoderunner VenomRAT	NDA0E
2024-07-01 06:38:14	https://rentry.co/regele/raw	Offline	bat CoinMiner MoneroOcean xmrig	NDA0E
2024-06-13 10:53:06	https://rentry.co/4s8s8kkg/raw	Offline	ascii	abuse_ch
2024-06-13 10:53:05	https://rentry.co/5xo7akcm/raw	Offline	ascii Formbook	abuse_ch
2024-06-06 15:33:14	https://rentry.co/gp98m7wa/raw	Offline	ascii Formbook	abuse_ch
2024-03-15 07:52:07	https://rentry.co/eusy72w7/raw	Offline		0xhtml
2023-08-21 07:10:10	https://rentry.co/crackeedandetected/raw	Offline	floppaware infostealer powershell ps	Anonymous
2021-04-21 08:59:04	https://rentry.co/6xfwv/raw	Offline	exe	vxvault
2019-11-18 09:26:04	https://rentry.co/wtf3/raw	Offline	njRAT	_nt1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2024-10-29 07:52:05	855ce9747237a67a501262190819d4c70d3c2d80ea55ce63130dae1345bebebd	txt
2024-10-26 08:12:05	6efbdf1b2b64e40eb2c39dcd802d536510d9ddbd16ccbb5bb1ef3a672bde8393	bat
2024-10-19 10:50:12	4f399ebaf91bbb53683cef1c70676322b281affca228c97b602b12f0148d60b1	txt
2024-07-27 13:24:05	74d1819bce426331791de8daee057a2c7d45590ca65e21110e7af1897328606b	txt
2024-07-01 06:38:14	21d6e0b0e8135a929a77f48e00d286bfa4fc2d749a61529e559b8a5ceb63e47b	bat
2024-03-15 07:52:07	30f0238568f0a36a065062b475f7dc0416212ff1484d65a69ccd3642971f75d1	unknown
2023-08-21 07:10:09	549dcf0b2dd8440575cff29fddbc5e23c6ba4871c0394e76bfec8b9aa6ef7e75	txt
2021-04-21 08:59:04	bdaf47aa1f57d6f7d0850e601ad8ae48fedd864bc1c7cd0c21302c8d31d12785	txt
2019-11-18 09:26:04	b7ed9d27ebaaf256558f234ac61a8aa2bc7e610b2d0ac332401f7685a1872673	unknown