URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	sharetext.me
Domain registrar:	Porkbun
Domain registration date:	2020-08-04 13:44:38 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2021-09-02 18:11:02 UTC
Total malware sites :	4
Online malware sites :	0 (0%)
Offline Malware sites :	4 (100%)
A record(s) observed :	24

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-09-14 02:56:02	75.2.115.196	a815a0b269b119624.awsglobalaccelerator.com	Not listed	AS16509 AMAZON-02	US	yes
2025-08-16 16:39:29	199.59.243.228		Not listed	AS16509 AMAZON-02	US	no
2021-10-02 06:36:10	104.21.51.236		Not listed	AS13335 CLOUDFLARENET	n/a	no
2021-10-02 06:36:10	172.67.191.176		Not listed	AS13335 CLOUDFLARENET	n/a	no
2021-12-17 16:19:42	162.159.137.85		Not listed	AS13335 CLOUDFLARENET	n/a	no
2021-12-17 16:19:42	162.159.138.85		Not listed	AS13335 CLOUDFLARENET	n/a	no
2021-09-30 13:39:07	172.67.202.21		Not listed	AS13335 CLOUDFLARENET	n/a	no
2021-09-30 13:39:07	104.21.76.235		Not listed	AS13335 CLOUDFLARENET	n/a	no
2021-09-25 06:29:53	104.21.5.214		Not listed	AS13335 CLOUDFLARENET	n/a	no
2021-09-25 06:29:53	172.67.133.221		Not listed	AS13335 CLOUDFLARENET	n/a	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2024-08-02 12:28:06	https://sharetext.me/raw/d3anodwv1n	Offline	rat RemcosRAT rev-base64-loader	abuse_ch
2024-05-22 18:34:06	https://sharetext.me/download/aiuvrzvvls	Offline	ascii powershell ps1	abuse_ch
2024-03-02 18:30:15	https://sharetext.me/download/7gnhw9iqiv	Offline	ascii njRAT powershell ps1 rat	abuse_ch
2021-09-02 18:11:04	https://sharetext.me/raw/s5bxw8wu	Offline	vjw0rm	AndreGironda

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2024-08-02 12:28:06	e1f9a4f530f6395665807ae8da7c9d13076e57dbdc05cedb2ad13cd85af8a931	txt		RemcosRAT
2024-05-22 18:34:06	12059241839d449fc90e46b18853bbf3b51e53651eb44349481544f876b84bd3	unknown
2024-03-02 18:30:15	7c8fae9042b659af1079ace04faa792cefcd2b944f5415d46e96b18d2c29c2ba	unknown