URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name). This page shows all malware URLs that are associated with the host rootcellar.us.

Database Entry


Host:rootcellar.us
Spamhaus DBL:Not listed
SURBL:Not listed
Firstseen:2018-07-02 10:44:45 UTC

IP addresses


The table below shows all IP address obsered for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones).

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2019-05-17 20:31:36184.168.221.54ip-184-168-221-54.ip.secureserver.netNot listedAS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC- USno
2019-04-25 18:06:3150.63.202.37ip-50-63-202-37.ip.secureserver.netNot listedAS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC- USyes
2019-04-12 13:46:5150.63.202.43ip-50-63-202-43.ip.secureserver.netNot listedAS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC- USno
2019-04-12 06:31:00184.168.221.33ip-184-168-221-33.ip.secureserver.netNot listedAS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC- USno
2019-04-11 12:19:45184.168.221.35ip-184-168-221-35.ip.secureserver.netNot listedAS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC- USno
2019-04-10 00:16:12184.168.221.56ip-184-168-221-56.ip.secureserver.netNot listedAS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC- USno
2019-04-05 16:47:2450.63.202.42ip-50-63-202-42.ip.secureserver.netNot listedAS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC- USno
2019-04-04 05:53:2450.63.202.38ip-50-63-202-38.ip.secureserver.netNot listedAS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC- USno
2019-04-03 17:50:1950.63.202.48ip-50-63-202-48.ip.secureserver.netNot listedAS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC- USno
2019-04-03 11:49:57184.168.221.50ip-184-168-221-50.ip.secureserver.netNot listedAS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC- USno
2019-04-03 05:48:11184.168.221.34ip-184-168-221-34.ip.secureserver.netNot listedAS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC- USno
2019-04-02 23:43:0250.63.202.33ip-50-63-202-33.ip.secureserver.netNot listedAS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC- USno
2019-03-28 22:22:55184.168.221.45ip-184-168-221-45.ip.secureserver.netNot listedAS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC- USno
2019-03-28 10:14:20184.168.221.38ip-184-168-221-38.ip.secureserver.netNot listedAS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC- USno
2019-03-20 02:28:2150.63.202.49ip-50-63-202-49.ip.secureserver.netNot listedAS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC- USno
2019-03-06 07:39:24184.168.221.47ip-184-168-221-47.ip.secureserver.netNot listedAS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC- USno
2019-03-05 13:35:2750.63.202.34ip-50-63-202-34.ip.secureserver.netNot listedAS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC- USno
2019-03-05 07:34:59184.168.221.43ip-184-168-221-43.ip.secureserver.netNot listedAS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC- USno
2019-03-04 23:06:22184.168.221.41ip-184-168-221-41.ip.secureserver.netNot listedAS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC- USno
2019-03-04 17:00:24184.168.221.55ip-184-168-221-55.ip.secureserver.netNot listedAS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC- USno
2018-07-02 10:44:46107.180.25.42ip-107-180-25-42.ip.secureserver.netNot listedAS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC- USno

Malware URLs


The table below shows all malware URLs that are associated with this particulare host.

Dateadded (UTC)URLStatusTagsGSBReporter
2018-07-02 10:44:46http://rootcellar.us/tracklist/tracking_number.pdf.exeOfflineGandCrab Ransomware.GandCrab Clean@JAMESWT_MHT