URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: valfanto.com
Domain registrar:Spaceship -
Domain registration date:2023-06-06 23:36:54 UTC
Spamhaus DBL :Phishing domain
SURBL :Not blocked
Quad9 :Blocked
AdGuard :Not blocked
Cloudflare :Not blocked
ProtonDNS :Not blocked
OpenBLD :Blocked
DNS4EU :Not blocked
Control D HaGeZi :Not blocked
Firstseen:2026-03-11 08:33:06 UTC
Total malware sites :3
Online malware sites :0 (0%)
Offline Malware sites :3 (100%)
A record(s) observed :2

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2026-03-24 21:07:47 103.214.68.113Not listedAS53724 EVM- JPyes
2026-03-11 08:33:08 213.142.149.20eu-central-1.whitelabelservices.usNot listedAS207459 AS-TEKNOSOS-INT- TRno

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2026-03-12 19:55:07http://valfanto.com/bgdgvrb/amIdnja.txtOfflinerev-base64-loader abuse_ch
2026-03-12 19:19:09http://valfanto.com/somthids/ejgddFd.txtOfflineascii DarkCloud Encoded opendir rev-base64-loader abuse_ch
2026-03-11 08:33:08http://valfanto.com/otigfght/mprgIoi.txtOfflineascii Encoded opendir rev-base64-loader abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2026-03-12 19:55:07b7d0fadd9af34c2d83602b5ad666ab9fac4014ee1705a52d71be9aafc12e1bc4txt  
2026-03-12 19:19:08b3029c856f9aa918a8af2c662cb9d86e1e182be074dbd655808f591402c788b7txt  
2026-03-11 08:33:087f011984be6c4cb13764c23f739ebd883a05cfb28f6c25383618711993aac44btxt