URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | twart.myfirewall.org |
|---|---|
| Domain registrar: | Ascio  |
| Domain registration date: | 2012-02-24 16:10:55 UTC |
| Spamhaus DBL : | Malware domain |
| SURBL : | Blocked |
| Quad9 : | Blocked |
| AdGuard : | Blocked |
| Cloudflare : | Blocked |
| ProtonDNS : | Blocked |
| OpenBLD : | Blocked |
| DNS4EU : | Blocked |
| Control D HaGeZi : | Not blocked |
| Firstseen: | 2021-04-20 10:57:02 UTC |
| Total malware sites : | 5 |
| Online malware sites : | 0 (0%) |
| Offline Malware sites : | 5 (100%) |
| A record(s) observed : | 18 |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2025-09-14 15:24:39 | 91.92.241.145 | SBL686267 | AS214943 RAILNET |  NL | yes | |
| 2025-04-28 12:42:33 | 107.150.0.72 | unassigned.quadranet.com | SBL682038 | AS36352 AS-COLOCROSSING |  US | no |
| 2025-04-28 06:55:26 | 213.219.150.114 | 213.219.150.114.static.edpnet.net | Not listed | AS9031 EDPNET |  BE | no |
| 2023-06-11 23:10:07 | 85.217.144.229 | Not listed | AS16276 OVH |  GB | no | |
| 2023-04-28 04:02:37 | 185.246.220.173 | Not listed | AS41745 FORTIS-AS |  RU | no | |
| 2022-04-20 11:38:14 | 2.56.57.193 | arekliniken.com | Not listed | AS3758 SINGNET |  SG | no |
| 2022-02-10 17:09:27 | 212.193.30.119 | Not listed | AS9123 TimeWeb-AS | RU | no | |
| 2021-12-07 01:36:23 | 195.133.40.105 | Not listed | AS210976 TWC-EU |  CZ | no | |
| 2021-07-10 10:49:37 | 79.134.225.96 | Not listed | AS6775 FINK-TELECOM-SERVICES |  CH | no | |
| 2021-06-25 02:17:30 | 37.0.11.124 | Not listed | AS3758 SINGNET | SG | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2022-05-30 10:59:33 | https://twart.myfirewall.org/bak_gmsbEd21.bin | Offline | AgentTesla  exe GuLoader ITA |  reecdeep |
| 2022-05-30 10:59:14 | http://twart.myfirewall.org/bak_gmsbEd21.bin | Offline | AgentTesla exe GuLoader ITA | reecdeep |
| 2021-06-25 14:59:33 | http://twart.myfirewall.org/conhosts.exe | Offline | AgentTesla |  Cryptolaemus1 |
| 2021-04-20 10:57:07 | http://twart.myfirewall.org/taskmgrs.exe | Offline | AgentTesla exe NanoCore rat Xpertrat |  abuse_ch |
| 2021-04-20 10:57:06 | http://twart.myfirewall.org/firewall.exe | Offline | AgentTesla exe rat RemcosRAT Xpertrat | abuse_ch |
The table below shows recent payloads delivery by this host.