URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	utrecht.cf
Abuse complaint sent?:	Yes (2022-12-16 06:55:02 UTC to abuse{at}freenom[dot]com)
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2022-12-16 06:51:07 UTC
Total malware sites :	9
Online malware sites :	0 (0%)
Offline Malware sites :	9 (100%)
A record(s) observed :	2

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2022-12-16 06:51:14	65.109.163.235	static.235.163.109.65.clients.your-server.de	Not listed	AS24940 HETZNER-AS	FI	no
2022-12-16 16:16:08	195.20.49.6		Not listed	AS31624 VFMNL-AS	NL	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-12-16 07:40:13	http://utrecht.cf/LjEZs/uYtea.sh4	Offline	32 elf mirai renesas	zbetcheckin
2022-12-16 07:40:13	http://utrecht.cf/LjEZs/uYtea.m68k	Offline	32 elf mirai motorola	zbetcheckin
2022-12-16 07:40:13	http://utrecht.cf/LjEZs/uYtea.x86_64	Offline	64 elf mirai	zbetcheckin
2022-12-16 07:40:11	http://utrecht.cf/LjEZs/uYtea.arm	Offline	32 arm elf mirai	zbetcheckin
2022-12-16 07:39:11	http://utrecht.cf/LjEZs/uYtea.arm5	Offline	32 arm elf mirai	zbetcheckin
2022-12-16 07:39:09	http://utrecht.cf/LjEZs/uYtea.arm6	Offline	32 arm elf mirai	zbetcheckin
2022-12-16 07:39:09	http://utrecht.cf/LjEZs/uYtea.arm7	Offline	32 arm elf mirai	zbetcheckin
2022-12-16 07:39:09	http://utrecht.cf/LjEZs/uYtea.mpsl	Offline	32 elf mips mirai	zbetcheckin
2022-12-16 06:51:14	http://utrecht.cf/0x83911d24Fx.sh	Offline	script	geenensp

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2022-12-16 13:04:46	62479a4e8b50583e42c64232ab496f1838cb272cf945e94fd242787dd5d95597	unknown
2022-12-16 07:40:13	d1d79f410231e7a070f504b1359cf1b65d549e293d1dbf08761188b5f8be613c	elf	Mirai
2022-12-16 07:40:13	d8913948ec121dba3e87594feecffc26080a23add4f9d68851f99508a93884aa	elf	Mirai
2022-12-16 07:40:13	fbd862dbf6718c963aec854d751e7ca11ef07397c0981bebabc522f053649e83	elf	Mirai
2022-12-16 07:40:11	743153d468739f7a5bd1643d9f78d5ddbbc3675e37671b2b312ad8076d836348	elf	Mirai
2022-12-16 07:39:11	17f7d7e74db3ed907ece75e503be0a81d1064c20eb84947d7ab9e4a737295269	elf	Mirai
2022-12-16 07:39:09	229140a87811c6d16e6b42bcbf51bca7c102bb419f7eb1e6e946f3faeefbb278	elf	Mirai
2022-12-16 07:39:09	f7628401e0e14877ad553bb428e7eae8a9ae33e603d13d173c5baa65c17b738b	elf	Mirai
2022-12-16 07:39:09	a7247654d15df69028934481347da8da2a760bb161a37e1c3fb604a46b78963f	elf	Mirai
2022-12-16 06:51:08	ff57f4dd48341d0849a2a71648c41b9317d33483a72e400af088188b6f4de647	unknown