URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	tencoconsulting.com
Domain registrar:	Namecheap
Domain registration date:	2020-04-28 19:45:01 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2021-03-30 05:55:11 UTC
Total malware sites :	2
Online malware sites :	0 (0%)
Offline Malware sites :	2 (100%)
A record(s) observed :	10

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-05-22 15:37:22	35.215.117.162	162.117.215.35.bc.googleusercontent.com	Not listed	AS15169 GOOGLE	US	yes
2025-05-12 19:25:55	95.215.226.244	my.participatoryeconomy.org	Not listed	AS59778 SYNEXTRA-UK	GB	no
2021-11-26 20:05:51	198.48.57.3	198-48-57-3.static.as40244.net	Not listed	AS40244 TURNKEY-INTERNET	US	no
2021-03-30 05:55:17	173.198.233.208	173-198-233-208.static.as40244.net	Not listed	AS40244 TURNKEY-INTERNET	US	no
2025-05-21 03:10:41	35.213.154.243	243.154.213.35.bc.googleusercontent.com	Not listed	AS15169 GOOGLE	SG	no
2025-05-04 21:41:02	92.113.16.204		Not listed	AS47583 AS-HOSTINGER	DE	no
2025-04-30 16:36:29	92.113.16.238		Not listed	AS47583 AS-HOSTINGER	DE	no
2025-04-27 17:22:13	92.113.16.24		Not listed	AS47583 AS-HOSTINGER	DE	no
2025-04-27 12:39:27	92.113.16.55		Not listed	AS47583 AS-HOSTINGER	DE	no
2025-04-29 23:38:12	92.113.16.78		Not listed	AS47583 AS-HOSTINGER	DE	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2021-03-30 05:55:17	https://tencoconsulting.com/klcpk3.rar	Offline	Dridex	sugimu_sec

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2021-03-30 15:34:03	03bb64d1d0d91623bd8d83e769e97d39cf8175584dce06bc07936a8050ee4e41	dll		Dridex
2021-03-30 07:15:24	56cd0bb2fb78736e872dbb88fd9cdd78435b13e15c9b0be2b6ca709df36e93b1	dll		Dridex
2021-03-30 05:55:13	0f34e1cb392c58a5885e73b1d1411efa7140ce6eb20ea39bbf4888d9e531d122	dll		Dridex