URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	swretjhwrtj.gq
Domain registrar:	Freenom
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2021-08-24 11:44:02 UTC
Total malware sites :	31
Online malware sites :	0 (0%)
Offline Malware sites :	31 (100%)
A record(s) observed :	8

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2021-08-31 19:43:49	45.66.10.29	free.example.com	Not listed	AS211381 PODAON	NL	no
2021-08-24 23:16:18	104.21.46.21		Not listed	AS13335 CLOUDFLARENET	n/a	no
2021-08-24 23:16:19	172.67.222.157		Not listed	AS13335 CLOUDFLARENET	n/a	no
2021-08-24 11:44:04	104.21.86.82		Not listed	AS13335 CLOUDFLARENET	n/a	no
2021-08-24 11:44:04	172.67.216.236		Not listed	AS13335 CLOUDFLARENET	n/a	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2021-09-02 12:49:03	http://swretjhwrtj.gq/reviewDriverSavesintoHost...	Offline	32 dcrat exe	zbetcheckin
2021-09-02 12:49:03	http://swretjhwrtj.gq/acd.exe	Offline	32 exe RedLineStealer	zbetcheckin
2021-09-02 12:49:03	http://swretjhwrtj.gq/PowerShells.exe	Offline	exe	zbetcheckin
2021-09-02 12:49:03	http://swretjhwrtj.gq/ShellExperienceHostss.exe	Offline	exe	zbetcheckin
2021-09-02 12:42:13	http://swretjhwrtj.gq/build.exe	Offline	32 exe RedLineStealer	zbetcheckin
2021-09-02 12:42:03	http://swretjhwrtj.gq/isnlod.exe	Offline	32 exe RedLineStealer	zbetcheckin
2021-09-02 12:42:03	http://swretjhwrtj.gq/11.exe	Offline	32 exe RedLineStealer	zbetcheckin
2021-09-02 12:42:03	http://swretjhwrtj.gq/GoogleGoogle.exe	Offline	32 ArkeiStealer exe	zbetcheckin
2021-09-02 12:42:03	http://swretjhwrtj.gq/test.exe	Offline	32 exe RedLineStealer	zbetcheckin
2021-09-02 12:42:02	http://swretjhwrtj.gq/xqw.exe	Offline	32 exe	zbetcheckin
2021-08-27 04:19:05	http://swretjhwrtj.gq/111.exe	Offline	32 exe RedLineStealer	zbetcheckin
2021-08-27 03:05:05	http://swretjhwrtj.gq/zxsa.exe	Offline	32 ArkeiStealer exe	zbetcheckin
2021-08-27 03:05:05	http://swretjhwrtj.gq/savesrefcrtDllsavesCrtdhc...	Offline	32 dcrat exe	zbetcheckin
2021-08-25 21:32:05	http://swretjhwrtj.gq/ZXCXZCsssssssssssASDFasdf...	Offline	32 CoinMiner exe	zbetcheckin
2021-08-25 19:04:03	http://swretjhwrtj.gq/B555uild.exe	Offline	32 ArkeiStealer exe	zbetcheckin
2021-08-25 05:46:06	http://swretjhwrtj.gq/proliv75.exe	Offline	RedLineStealer	zbetcheckin
2021-08-25 01:46:05	http://swretjhwrtj.gq/aqwcccccccczxc.exe	Offline	dcrat	zbetcheckin
2021-08-24 22:10:03	http://swretjhwrtj.gq/CD.exe	Offline	RedLineStealer	zbetcheckin
2021-08-24 22:05:04	http://swretjhwrtj.gq/v2.exe	Offline	RedLineStealer	zbetcheckin
2021-08-24 22:01:07	http://swretjhwrtj.gq/1.exe	Offline	RedLineStealer	zbetcheckin
2021-08-24 21:43:07	http://swretjhwrtj.gq/arasholit.exe	Offline	RedLineStealer	zbetcheckin
2021-08-24 18:48:04	http://swretjhwrtj.gq/autorun.exe	Offline	RedLineStealer	zbetcheckin
2021-08-24 15:15:03	http://swretjhwrtj.gq/system.exe	Offline	RedLineStealer	zbetcheckin
2021-08-24 15:02:07	http://swretjhwrtj.gq/CPU.exe	Offline	CoinMiner	zbetcheckin
2021-08-24 14:02:04	http://swretjhwrtj.gq/Downloader.exe	Offline	RedLineStealer	zbetcheckin
2021-08-24 13:58:05	http://swretjhwrtj.gq/v1.exe	Offline	RedLineStealer	zbetcheckin
2021-08-24 13:45:05	http://swretjhwrtj.gq/@Rarenut0.exe	Offline	RedLineStealer	abuse_ch
2021-08-24 13:45:04	http://swretjhwrtj.gq/Buld2.exe	Offline	RedLineStealer	abuse_ch
2021-08-24 13:41:07	http://swretjhwrtj.gq/GPU.exe	Offline	RedLineStealer	zbetcheckin
2021-08-24 13:41:05	http://swretjhwrtj.gq/PerfmonitordriverCommon.exe	Offline	RedLineStealer	zbetcheckin
2021-08-24 11:44:04	http://swretjhwrtj.gq/JJJWOWOW.exe	Offline	ArkeiStealer RedLineStealer	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2021-09-02 12:49:03	4b648c17bb169cf81da7a4d1182238b96463ed58474ef6b539818fdb19291a32	exe	DCRat
2021-09-02 12:49:03	b7c646c4dfa6a14915e1e003460c9f8acfa8addee9e5e5856476ebb84ac90a64	exe	RedLineStealer
2021-09-02 12:42:13	5d124c343ca289f13081d3b447859ef55da2562c3ae650e984995f68c26b1a97	exe	RedLineStealer
2021-09-02 12:42:03	a5e7fc18a5e344a7f398d03f8b4e2cf0f2579e4d70c90915376e066cec01505a	exe	RedLineStealer
2021-09-02 12:42:03	7c78dc5ccbdff7e949fed9b04fcfd5a3b312f0fe950441094d77e8bdbf393491	exe	RedLineStealer
2021-09-02 12:42:03	6c011b07a1ea9b18709ea1604b54821ccd1cf10b5e82032bb9a722199d8357c5	exe	ArkeiStealer
2021-09-02 12:42:03	39fb0e426b3a793c3e3eadc0a8ddb93f5639ac2b9c98ffc9e66e27fbc01fdcf1	exe	RedLineStealer
2021-09-01 17:27:54	ccfe8fddce9f17fd8851a62d3e7d0e2610982e834d2401673b6d16eaac5e684b	exe	RedLineStealer
2021-08-27 04:19:05	a32770d46ee2ee5b91cc36e5159868ec3ff7f847e7516d7bcb952f7a94e347a2	exe	RedLineStealer
2021-08-27 03:05:05	382dbb2ef5f54e3735817318b680935e068749651f702213ab3edfb7842115fd	exe	ArkeiStealer
2021-08-27 03:05:05	d7fa1b64c4a5a79700791c113b5b2594a2194a8ca83bf18494337ef12d88fdb6	exe	DCRat
2021-08-25 21:32:05	24b35ddd2195133e968aeed816c92367a47413f58506138e75441446be1524de	exe	CoinMiner
2021-08-25 19:11:50	bc99b42680a19379e7030dc0871c143afd142ccb9b12efd2942a97e706f7dd59	exe	ArkeiStealer
2021-08-25 05:46:06	51442e324f993001dbfaa1ed17ff119b0f392f22e47a1835d89514cd1d77c027	exe	RedLineStealer
2021-08-25 01:58:50	105f84831dddedb6f03fd79e892afaa1fed238b4f7538058f45fa28e10cb244b	exe	DCRat
2021-08-24 22:53:25	3fe1eb9d42f269e15ac61afb0869f64ee4436d47521aee29035a8cff2c632af5	exe	RedLineStealer
2021-08-24 22:05:04	9c1ddfa908ee08b1e2efedc8a6e9a00cccbaa941a927f210fb15ea0ad781b57e	exe	RedLineStealer
2021-08-24 22:01:07	0a17ef3263b6b35cb6a99754dcd6349922d3a377de87c9a0516c284a4082b3eb	exe	RedLineStealer
2021-08-24 21:43:07	7f5f108eabea4020022851e2dc521b16e7e46c13b7935e4269c0eef2df7341ec	exe	RedLineStealer
2021-08-24 18:48:04	e7e2a6b03469fb8c542986035a5a67997e1afc3e78d93f267028db4672c68207	exe	RedLineStealer
2021-08-24 15:34:44	2e1064e3bd2d37cd96495c01f326d4a543b77e38045a983e93e99a4704df206f	exe	RedLineStealer
2021-08-24 15:02:05	33a236fd56543bf3915e16cfffb3c6a4b0f92c9ba444744339e3bcc10f285d61	exe	CoinMiner
2021-08-24 14:02:04	2e1064e3bd2d37cd96495c01f326d4a543b77e38045a983e93e99a4704df206f	exe	RedLineStealer
2021-08-24 13:58:05	2e1064e3bd2d37cd96495c01f326d4a543b77e38045a983e93e99a4704df206f	exe	RedLineStealer
2021-08-24 13:45:05	2e1064e3bd2d37cd96495c01f326d4a543b77e38045a983e93e99a4704df206f	exe	RedLineStealer
2021-08-24 13:45:04	4e8c517dc9e0d8e4c5b95dd953f86391068ed00b1b758fe044fe5771d38b6184	exe	RedLineStealer
2021-08-24 13:41:07	d6dff5118d406d4e4c9ba203af253c4a6e5a18683e466a6d4109d75c7307554a	exe	RedLineStealer
2021-08-24 13:41:05	2e1064e3bd2d37cd96495c01f326d4a543b77e38045a983e93e99a4704df206f	exe	RedLineStealer
2021-08-24 12:35:26	2e1064e3bd2d37cd96495c01f326d4a543b77e38045a983e93e99a4704df206f	exe	RedLineStealer
2021-08-24 11:44:03	386cb4a88b5c465c29db7093db94fe6b8e30bb41c2d994569b1fc05d9b1b82d2	exe	ArkeiStealer