URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	torna.ydns.eu
Domain registrar:	n/a
Spamhaus DBL :	Not blocked
SURBL :	Blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2023-10-05 09:13:03 UTC
Total malware sites :	3
Online malware sites :	0 (0%)
Offline Malware sites :	3 (100%)
A record(s) observed :	3

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-04-27 17:31:46	94.156.65.252	taeniada252.nonsexual94.builder-marketing.com	Not listed	AS208893 sparks	GB	yes
2023-10-19 07:16:38	141.98.10.67		SBL619633	AS209605 hostbaltic	LT	no
2023-10-05 09:13:05	193.42.32.61		Not listed	AS214396 SUDOLIO-AS	SK	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2023-10-05 09:13:10	http://torna.ydns.eu/on/bsv/Wblxhuaksujvhq.exe	Offline	DBatLoader exe ModiLoader opendir rat RemcosRAT	abuse_ch
2023-10-05 09:13:05	http://torna.ydns.eu/on/kay/Wbl1xhua6ksu7j	Offline	opendir	abuse_ch
2023-10-05 09:13:05	http://torna.ydns.eu/on/rewop/powerwinner.ps1	Offline	ascii opendir powershell ps1 rat RemcosRAT	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2023-10-05 09:13:10	0fcbcb5c98c97d26b4df12fc4b1f18c926df5e943b6cad241836985f5da0290e	exe		DBatLoader