URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: utorrent-backup-server4.top
Domain registrar:Epik -
Domain registration date:2021-09-27 14:17:49 UTC
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Blocked
ProtonDNS :Status unknown
OpenBLD :Blocked
DNS4EU :Blocked
Control D HaGeZi :Not blocked
Firstseen:2024-07-13 12:04:05 UTC
Total malware sites :34
Online malware sites :0 (0%)
Offline Malware sites :34 (100%)
A record(s) observed :7

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2025-01-04 13:44:03 91.202.233.151SBL677411AS200593 PROSPERO-AS- TMno
2025-01-04 01:10:10 91.212.166.134SBL624670AS198953 proton66- RUno
2024-12-25 11:43:01 62.60.226.41SBL671779AS214351 FEMOIT- DEno
2024-12-22 03:07:05 5.252.155.2Not listedAS215826 Partner-Hosting-LTD- PAno
2024-12-12 00:34:54 85.31.47.154Not listedAS397423 TIER-NET- BGno
2024-11-27 18:46:13 87.121.86.16Not listedAS209693 OC-NETWORK- EEno

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2025-02-14 14:53:05http://utorrent-backup-server4.top/1337/TORRENT...OfflineLumma LummaStealer Riordz
2024-12-16 11:18:22http://utorrent-backup-server4.top/update//TPB-...Offlineexe LummaStealer Vidar ext abus3reports
2024-11-27 18:46:13http://utorrent-backup-server4.top/update/TPB-1...Offlineexe LummaStealer opendir Vidar ext NDA0E
2024-07-13 12:35:31http://utorrent-backup-server4.top/TPBActivetor...Offline185.99.135.162 ascii link opendir NDA0E
2024-07-13 12:35:17http://utorrent-backup-server4.top/limetor/link...Offline185.99.135.162 ascii link opendir NDA0E
2024-07-13 12:35:17http://utorrent-backup-server4.top/HEXO-SOFTWAR...Offline185.99.135.162 ascii link opendir NDA0E
2024-07-13 12:35:06http://utorrent-backup-server4.top/TPBActivetor...Offline185.99.135.162 ascii link opendir NDA0E
2024-07-13 12:35:03http://utorrent-backup-server4.top/1337/C.txtOffline185.99.135.162 ascii link opendir NDA0E
2024-07-13 12:34:51http://utorrent-backup-server4.top/TPBActivetor...Offline185.99.135.162 ascii link opendir NDA0E
2024-07-13 12:34:46http://utorrent-backup-server4.top/FreeApps/lin...Offline185.99.135.162 ascii link opendir NDA0E
2024-07-13 12:34:45http://utorrent-backup-server4.top/TPBActivetor...Offline185.99.135.162 ascii link opendir NDA0E
2024-07-13 12:34:41http://utorrent-backup-server4.top/1337/A.txtOffline185.99.135.162 ascii link opendir NDA0E
2024-07-13 12:34:40http://utorrent-backup-server4.top/limetor/link...Offline185.99.135.162 ascii link opendir NDA0E
2024-07-13 12:34:37http://utorrent-backup-server4.top/TORRENT-SPAM...Offline185.99.135.162 ascii link opendir NDA0E
2024-07-13 12:34:36http://utorrent-backup-server4.top/FreeApps/lin...Offline185.99.135.162 ascii link opendir NDA0E
2024-07-13 12:34:34http://utorrent-backup-server4.top/HEXO-SOFTWAR...Offline185.99.135.162 ascii link opendir NDA0E
2024-07-13 12:34:31http://utorrent-backup-server4.top/1337/E.txtOffline185.99.135.162 ascii link opendir NDA0E
2024-07-13 12:34:31http://utorrent-backup-server4.top/1337/B.txtOffline185.99.135.162 ascii link opendir NDA0E
2024-07-13 12:34:27http://utorrent-backup-server4.top/limetor/link...Offline185.99.135.162 ascii link opendir NDA0E
2024-07-13 12:34:26http://utorrent-backup-server4.top/limetor/link...Offline185.99.135.162 ascii link opendir NDA0E
2024-07-13 12:34:26http://utorrent-backup-server4.top/FreeApps/lin...Offline185.99.135.162 ascii link opendir NDA0E
2024-07-13 12:34:15http://utorrent-backup-server4.top/TORRENT-SPAM...Offline185.99.135.162 ascii link opendir NDA0E
2024-07-13 12:34:15http://utorrent-backup-server4.top/FreeApps/lin...Offline185.99.135.162 ascii link opendir NDA0E
2024-07-13 12:34:14http://utorrent-backup-server4.top/1337/D.txtOffline185.99.135.162 ascii link opendir NDA0E
2024-07-13 12:17:35http://utorrent-backup-server4.top/newz2k/link2...Offline185.99.135.162 ascii link opendir NDA0E
2024-07-13 12:17:33http://utorrent-backup-server4.top/newz2k/link3...Offline185.99.135.162 ascii link opendir NDA0E
2024-07-13 12:17:16http://utorrent-backup-server4.top/newz2k/link.txtOffline185.99.135.162 ascii link opendir NDA0E
2024-07-13 12:17:14http://utorrent-backup-server4.top/newz2k/link4...Offline185.99.135.162 ascii link opendir NDA0E
2024-07-13 12:04:28http://utorrent-backup-server4.top/TPB-G/link.txtOffline185.99.135.162 ascii link opendir NDA0E
2024-07-13 12:04:24http://utorrent-backup-server4.top/update/link.txtOffline185.99.135.162 ascii link opendir NDA0E
2024-07-13 12:04:23http://utorrent-backup-server4.top/TG-Source/li...Offline185.99.135.162 ascii link opendir NDA0E
2024-07-13 12:04:14http://utorrent-backup-server4.top/TPB-2-Links/...Offline185.99.135.162 ascii link opendir NDA0E
2024-07-13 12:04:14http://utorrent-backup-server4.top/TPB-2-Links/...Offline185.99.135.162 ascii link opendir NDA0E
2024-07-13 12:04:12http://utorrent-backup-server4.top/TG-Source/li...Offline185.99.135.162 ascii link opendir NDA0E

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2025-03-03 11:09:25b80b32ff1d730cfc947db68a4fc546576195bf302d1a05eee31b988fd53ea132exe LummaStealer
2025-03-03 10:30:51b80b32ff1d730cfc947db68a4fc546576195bf302d1a05eee31b988fd53ea132exe LummaStealer
2025-03-03 10:17:20b80b32ff1d730cfc947db68a4fc546576195bf302d1a05eee31b988fd53ea132exe LummaStealer
2025-02-17 17:50:2512b096048be2cca3f61e8fe031efa942faf8f4c31cbafe76953b744537275aceexe LummaStealer
2025-02-17 17:49:5712b096048be2cca3f61e8fe031efa942faf8f4c31cbafe76953b744537275aceexe LummaStealer
2025-02-17 17:45:5512b096048be2cca3f61e8fe031efa942faf8f4c31cbafe76953b744537275aceexe LummaStealer
2025-02-14 14:53:058bc4c1e92cfffe6d52dd7f5c65263e24dbc7bc470dbf631e782afd5e90ef5ee3exe LummaStealer
2025-02-03 12:28:128bc4c1e92cfffe6d52dd7f5c65263e24dbc7bc470dbf631e782afd5e90ef5ee3exe LummaStealer
2025-02-03 12:27:278bc4c1e92cfffe6d52dd7f5c65263e24dbc7bc470dbf631e782afd5e90ef5ee3exe LummaStealer
2025-01-29 17:12:18d4fb0e3c1d8a97e3b3baedabd704ef849e7fc96ac1c1b08801585ba4ee11fd29exe LummaStealer
2025-01-29 16:44:21d4fb0e3c1d8a97e3b3baedabd704ef849e7fc96ac1c1b08801585ba4ee11fd29exe LummaStealer
2025-01-29 09:00:2505d19250d7f78428660571d9f14755b27c1c94b68a7da1916a0909a9ca6c3beeexe  
2025-01-29 08:08:0905d19250d7f78428660571d9f14755b27c1c94b68a7da1916a0909a9ca6c3beeexe  
2025-01-19 00:44:267902e87ab677a55e32d8d354a1b225c67c89c871cdd711771dc5399f57fd6aefexeLummaStealer
2025-01-18 22:45:267902e87ab677a55e32d8d354a1b225c67c89c871cdd711771dc5399f57fd6aefexeLummaStealer
2025-01-18 22:45:257902e87ab677a55e32d8d354a1b225c67c89c871cdd711771dc5399f57fd6aefexeLummaStealer
2025-01-04 01:49:519c4afe3e68312e44bbaa3f122a251bb087f72d94adf8d432bdd8382087086c92exeLummaStealer
2025-01-04 01:10:049c4afe3e68312e44bbaa3f122a251bb087f72d94adf8d432bdd8382087086c92exeLummaStealer
2024-12-30 09:37:0572a37e2a65b502af4a3fabf99f069bdb51a50cebb764fb6eb4a1920320dd849cexeVidar
2024-12-30 08:41:1572a37e2a65b502af4a3fabf99f069bdb51a50cebb764fb6eb4a1920320dd849cexeVidar
2024-12-22 12:08:49f2c2df5d625c6983881695ab53416c52aa574821e01074f607b6039e5d79e76fexe Vidar
2024-12-22 03:07:02f2c2df5d625c6983881695ab53416c52aa574821e01074f607b6039e5d79e76fexe Vidar
2024-12-16 11:18:185746d38d3f64fd37ad4aa158d119eec1378e6298bd105323d5ffc791b9f5e88aexeVidar
2024-12-15 15:48:565746d38d3f64fd37ad4aa158d119eec1378e6298bd105323d5ffc791b9f5e88aexeVidar
2024-12-05 09:10:20a3a6cde465591377afc5f656f72a00799398fd2541b60391bcb8f62b8f8cace3exe Vidar
2024-11-27 18:46:12b33f25c28bf15a787d41472717270301071af4f10ec93fa064c96e1a33455c35exe Vidar