URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	test.kangooroo-re.com
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2023-03-07 10:48:09 UTC
Total malware sites :	13
Online malware sites :	0 (0%)
Offline Malware sites :	13 (100%)
A record(s) observed :	2

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2023-03-18 11:49:00	46.4.62.175	static.175.62.4.46.clients.your-server.de	Not listed	AS24940 HETZNER-AS	DE	no
2023-03-07 10:48:11	51.91.64.55	ns3163365.ip-51-91-64.eu	Not listed	AS16276 OVH	FR	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2023-03-14 19:02:12	https://test.kangooroo-re.com/connect/	Offline	250255 7710 geofenced Gozi ISFB ITA redir-302 ursnif	abuse_ch
2023-03-14 19:01:32	https://test.kangooroo-re.com/scarica/	Offline	250255 7710 geofenced Gozi ISFB ITA redir-302 ursnif	abuse_ch
2023-03-14 19:00:11	https://test.kangooroo-re.com/agenzia/	Offline	250255 7710 geofenced Gozi ISFB ITA redir-302 ursnif	abuse_ch
2023-03-14 18:13:11	https://test.kangooroo-re.com/scarica/marzo.zip	Offline	agenziaentrate geofenced Gozi ISFB ITA MEF MISE ursnif	JAMESWT_MHT
2023-03-14 18:13:11	https://test.kangooroo-re.com/scarica/Direzione...	Offline	agenziaentrate geofenced Gozi ISFB ITA MEF MISE ursnif	JAMESWT_MHT
2023-03-14 18:13:10	https://test.kangooroo-re.com/scarica/impresa.zip	Offline	agenziaentrate geofenced Gozi ISFB ITA MEF MISE ursnif	JAMESWT_MHT
2023-03-14 18:13:10	https://test.kangooroo-re.com/scarica/cliente.zip	Offline	agenziaentrate geofenced Gozi ISFB ITA MEF MISE ursnif	JAMESWT_MHT
2023-03-14 18:13:09	https://test.kangooroo-re.com/scarica/Agenzia_E...	Offline	agenziaentrate geofenced Gozi ISFB ITA MEF MISE ursnif	JAMESWT_MHT
2023-03-14 18:13:09	https://test.kangooroo-re.com/scarica/contratto...	Offline	agenziaentrate geofenced Gozi ISFB ITA MEF MISE ursnif	JAMESWT_MHT
2023-03-14 18:13:09	https://test.kangooroo-re.com/scarica/azienda.zip	Offline	agenziaentrate geofenced Gozi ISFB ITA MEF MISE ursnif	JAMESWT_MHT
2023-03-14 18:13:09	https://test.kangooroo-re.com/scarica/Agenzia.zip	Offline	agenziaentrate geofenced Gozi ISFB ITA MEF MISE ursnif	JAMESWT_MHT
2023-03-14 18:13:09	https://test.kangooroo-re.com/scarica/AgenziaEn...	Offline	agenziaentrate geofenced Gozi ISFB ITA MEF MISE ursnif	JAMESWT_MHT
2023-03-07 10:48:11	http://test.kangooroo-re.com/connect/index.php	Offline	Gozi ISFB ITA MEF MISE ursnif	JAMESWT_MHT

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2023-03-14 18:13:11	e159aea81405eada05aac7c55a7527e734f7af37f1ae9b51af290ccf46463ca0	zip	Gozi
2023-03-14 18:13:11	f5085718009804b3e8f0f14d03de6b65189129a0173e019f3ca9006e1d4a2737	zip
2023-03-14 18:13:10	1094fb85093091c3c701657bf7609cc73718a3850c572ed1cbfdea25e730bf21	zip
2023-03-14 18:13:10	f2648196feaed0a7a4b1f4c2521a07c952d7667225ade823dc0540564ef1ec14	zip	Gozi
2023-03-14 18:13:09	1d9df55ca8b3dda301a4e6a23586e06b39c86adb1196802aa7787b6c49e15e37	zip	Gozi
2023-03-14 18:13:09	eea9b416ba98ec333e14a8e13db5eba5ee1b9ad6e9c1e8b2882d5f7feea4560e	zip	Gozi
2023-03-14 18:13:09	35d99e0bc26a29a4e8a4b3a0fee0724a494675b76745dbadbc2f8afa81c5ac49	zip	Gozi
2023-03-14 18:13:09	1fede186e9d9666ce4eff1882ce3bdca66c9a121ea9773d8e57747912e8ad57e	zip	Gozi
2023-03-14 18:13:09	72067f1ace09f18f6e16fd813f10a6f31b369ae9194b35bc80902aa65aae7df6	zip	Gozi