URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	seedwellresources.xyz
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2020-07-08 07:35:05 UTC
Total malware sites :	8
Online malware sites :	0 (0%)
Offline Malware sites :	8 (100%)
A record(s) observed :	2

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2020-07-08 07:35:08	68.65.123.182	server277-3.web-hosting.com	Not listed	AS22612 NAMECHEAP-NET	US	no
2020-08-03 19:40:13	216.170.119.24		Not listed	AS63052 AS-CBBC	CA	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2020-08-04 11:09:05	http://seedwellresources.xyz/bin_dXCUEN226.bin	Offline	encrypted GuLoader	abuse_ch
2020-08-03 18:39:23	http://seedwellresources.xyz/ori20_oiToyRpawE14...	Offline	encrypted GuLoader	abuse_ch
2020-08-03 18:30:28	http://seedwellresources.xyz/oke2_IHLFXBUJkM209...	Offline	encrypted GuLoader	abuse_ch
2020-07-31 07:11:04	http://seedwellresources.xyz/oke2_EHusZY26.bin	Offline	AveMariaRAT encrypted GuLoader rat	abuse_ch
2020-07-30 07:15:05	http://seedwellresources.xyz/oke_qrerqI1.bin	Offline	Encoded	abuse_ch
2020-07-08 12:46:04	http://seedwellresources.xyz/P51BzRf7dvl2tnx.exe	Offline	AgentTesla	JAMESWT_MHT
2020-07-08 07:44:06	https://seedwellresources.xyz/uT5wiEYASje8CME.exe	Offline	404KeyLogger exe	abuse_ch
2020-07-08 07:35:08	https://seedwellresources.xyz/P51BzRf7dvl2tnx.exe	Offline	AgentTesla exe	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2020-08-04 11:09:05	ea4dad6357c42ec9335a6e040e1adae6bb9bbbfed75e93add86c8ec3d31a57f4	unknown
2020-08-03 18:30:28	651bcba78e377e538ae5c9f5c60a9c84632a2bd83d199b3c8eddd25f343dd0ee	unknown
2020-07-31 07:11:04	1f99fe292898c52620db32c982bac94363adad1a26b59d76c08e294571ad259e	unknown
2020-07-30 07:15:05	77e333beafe132eca70e3bae48595517a8fbb5eab3ed227d3ad7ea94a0a5542e	unknown
2020-07-08 16:43:22	25d54e7bb7ca46ee81002c8ab00c4ee380ed24ed965133ad76b5f5eea5b10929	exe
2020-07-08 15:05:49	098887084eac16e8244df9b182583fe69544eda0d651075269557f03afc9f424	exe
2020-07-08 12:46:04	38a83ed65dd375ad496b01eb7bf0f050983b1a289f1fcb01e9898fa7565ddd63	exe	AgentTesla
2020-07-08 07:44:06	151caa538da3b32889f7aa47133860846700a816b902f5eeac6bb39d795c6812	exe	404Keylogger
2020-07-08 07:35:08	38a83ed65dd375ad496b01eb7bf0f050983b1a289f1fcb01e9898fa7565ddd63	exe	AgentTesla