URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	webmail.auth-idclient.37-221-67-60.plesk.page
Domain registrar:	Namecheap
Domain registration date:	2020-03-18 03:06:27 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2024-07-22 16:55:06 UTC
Total malware sites :	9
Online malware sites :	0 (0%)
Offline Malware sites :	9 (100%)
A record(s) observed :	1

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2024-07-22 16:55:10	37.221.67.60	lololol	Not listed	AS200019 AlexHost	MD	yes

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2024-07-22 17:05:55	http://webmail.auth-idclient.37-221-67-60.plesk...	Offline	37.221.67.60 elf mirai	NDA0E
2024-07-22 17:05:51	http://webmail.auth-idclient.37-221-67-60.plesk...	Offline	37.221.67.60 elf gafgyt	NDA0E
2024-07-22 17:05:50	http://webmail.auth-idclient.37-221-67-60.plesk...	Offline	37.221.67.60 elf gafgyt	NDA0E
2024-07-22 17:05:43	http://webmail.auth-idclient.37-221-67-60.plesk...	Offline	37.221.67.60 elf gafgyt	NDA0E
2024-07-22 17:05:42	http://webmail.auth-idclient.37-221-67-60.plesk...	Offline	37.221.67.60 elf mirai	NDA0E
2024-07-22 17:05:23	http://webmail.auth-idclient.37-221-67-60.plesk...	Offline	37.221.67.60 elf gafgyt	NDA0E
2024-07-22 17:05:22	http://webmail.auth-idclient.37-221-67-60.plesk...	Offline	37.221.67.60 elf gafgyt	NDA0E
2024-07-22 17:05:18	http://webmail.auth-idclient.37-221-67-60.plesk...	Offline	37.221.67.60 elf gafgyt	NDA0E
2024-07-22 16:55:10	http://webmail.auth-idclient.37-221-67-60.plesk...	Offline	37.221.67.60 elf gafgyt	NDA0E

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2024-07-22 17:05:55	771541fd373e84f19c90b8ba9bc40405ab9b724cce0c0443f90c6933855fa7c5	elf		Mirai
2024-07-22 17:05:50	10e3c26ae81478cc158a2dc9055b566ec0bde15f33c0a95d04153190ff354bff	elf		Gafgyt
2024-07-22 17:05:49	88fc7c9cdc9d7f080329f4784b6cae8982d245d85a6b2eb13770ccfbf1d093fa	elf		Gafgyt
2024-07-22 17:05:43	24960f6944c54e065aadf21db418826602e11244d2464cbfcf1cc8a9958489c1	elf		Gafgyt
2024-07-22 17:05:42	d29b82493e432e7305de78963e13214f665675f384f4a60499a7e2ce2ac01ff9	elf		Mirai
2024-07-22 17:05:23	b7bacf6d31f8bbd159f9025470d3897255b8059c9b08ce52bbd4221d4052cd63	elf		Gafgyt
2024-07-22 17:05:22	8b2c5646b544fd56c0e825e905ad525c644bf10cbff5556847cbf523dd66a7c0	elf		Gafgyt
2024-07-22 17:05:17	63ab16cfb75f0b3d667e759a58df6b156eb69ffd50f54a7383bf9798094fc2d9	elf		Gafgyt
2024-07-22 16:55:10	cade28f3cdf0a1a981584b6e5725d483483c7bd8c61b73d86195bb97b635052b	elf		Gafgyt