URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: ripple-wells-2022.net
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Control D HaGeZi :Not blocked
Firstseen:2022-12-09 08:52:09 UTC
Total malware sites :6
Online malware sites :0 (0%)
Offline Malware sites :6 (100%)
A record(s) observed :3

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2022-12-09 16:15:19 188.93.233.243Not listedAS47674 NETSOLUTIONS- PTno
2022-12-09 13:36:41 88.119.169.16122100-39219.bacloud.infoNot listedAS61272 IST-AS- LTno
2022-12-09 08:52:21 88.119.169.15722708-38241.bacloud.infoNot listedAS61272 IST-AS- LTno

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2022-12-09 09:06:08http://ripple-wells-2022.net/yzoyoebw6fqrey/iF3...OfflineArkeiStealer ext exe vxvault
2022-12-09 09:04:11http://ripple-wells-2022.net/yzoyoebw6fqrey/npp...OfflineArkeiStealer ext exe vxvault
2022-12-09 09:01:13http://ripple-wells-2022.net/yzoyoebw6fqrey/npp...OfflineAmadey exe vxvault
2022-12-09 08:58:11http://ripple-wells-2022.net/n8exrcvvse1m2/sync...Offlineexe SystemBC ext vxvault
2022-12-09 08:55:13http://ripple-wells-2022.net/n8exrcvvse1m2/Emit...OfflineCoinMiner exe vxvault
2022-12-09 08:52:21http://ripple-wells-2022.net/n8exrcvvse1m2/avic...Offlineexe LaplasClipper vxvault

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2022-12-10 09:59:51af8890c3a9430938483b741df88f6806b25f6723713f978aaefb4a8989d6aca9dllSystemBC
2022-12-10 08:33:00a98b0087e10d01411982e9539ff9e6185242c8c7af6229895bb844f8aaf9f73edllSystemBC
2022-12-10 08:27:087bdbe9f96bc377ff2381f680aba0d62851e17c9a8258e91798455b30b3839aaaexe LaplasClipper
2022-12-10 08:24:42f73d823313bd7218e8a3a00916ccbe3137e19ed4679a43a452663dcce1c799d9exe Amadey
2022-12-10 07:56:000418f4b64a679eee072b4dda9ec792471bf573d0fc6302cdcafcd2ae692e925aexe ArkeiStealer
2022-12-09 20:39:22261ecfdc3d6f92d133875061f586edb53fa639a146e0303213f28e1de42bcf55exe  
2022-12-09 20:33:45e83cc90eaa0bafe3145cdc992932ac30a1e652a7db32c675fb2d2690b2b1df78exe Amadey
2022-12-09 20:33:3584715bb56c661b957270cf9951e86595195426e688aee085ce844d7aa7b143f2exe  
2022-12-09 16:15:273fe31e45150b48a7d4094d20723f4ed26febc3433e66197ece222541ef361595exe  
2022-12-09 13:46:453a9172d328fe0ba9c3aa3b754ffaa9fca58e98831d82d10d57894eb25945255bexe  
2022-12-09 09:06:0804805512d670fb5f37bdf17bf00aae6976650f82c0b4bd342f3506d204f7aea2exeArkeiStealer
2022-12-09 09:04:119922432bfa7768bdfb6e8b079c90744c9f3d33a5a258a97abc8519f81a680e40exeArkeiStealer
2022-12-09 09:01:13682abd62b6e3c0e8ca57f079cd96f2d3848752eaf7002bdf57bfb512bd242811exeAmadey
2022-12-09 08:58:11ead2c5aaf92fe07db45b99587f586c7a45f92c67220cd8113a5d2e7bcb320798dllSystemBC
2022-12-09 08:55:135eb7b2fd13264f066b10946539eff6be750647de246cf791e57ca4c17b0b9c31exeCoinMiner
2022-12-09 08:52:1538381a42975028b181430a80d6009988d0d0cfa42493d3efbbfb72d3abe97648exeLaplasClipper