URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | winfyn10.top |
|---|---|
| Spamhaus DBL : | Not blocked |
| SURBL : | Not blocked |
| Quad9 : | Status unknown |
| AdGuard : | Blocked |
| Cloudflare : | Blocked |
| ProtonDNS : | Status unknown |
| OpenBLD : | Blocked |
| DNS4EU : | Blocked |
| Control D HaGeZi : | Not blocked |
| Firstseen: | 2021-08-01 09:17:04 UTC |
| Total malware sites : | 2 |
| Online malware sites : | 0 (0%) |
| Offline Malware sites : | 2 (100%) |
| A record(s) observed : | 8 |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2021-08-02 23:18:05 | 176.96.238.212 | 176-96-238-212.umnyeseti.ru | Not listed | AS56340 UmnyeSeti-AS |  RU | no |
| 2021-08-02 22:18:29 | 138.197.160.42 | i2ivestcom.tempurl.host | Not listed | AS14061 DIGITALOCEAN-ASN |  CA | no |
| 2021-08-02 21:21:27 | 159.65.232.62 | Not listed | AS14061 DIGITALOCEAN-ASN |  US | no | |
| 2021-08-02 20:41:21 | 147.182.201.6 | Not listed | AS14061 DIGITALOCEAN-ASN | US | no | |
| 2021-08-02 08:34:20 | 139.162.151.212 | 139-162-151-212.ip.linodeusercontent.com | Not listed | AS63949 AKAMAI-LINODE-AP |  DE | no |
| 2021-08-01 12:44:54 | 31.40.251.189 | Not listed | AS43830 DIGITALENERGY-AS | RU | no | |
| 2021-08-01 09:17:04 | 77.232.41.227 | host-77-232-41-227.macloud.host | Not listed | AS212441 CLOUDASSETS | RU | no |
| 2021-08-01 12:36:46 | 185.120.57.232 | free.hosted-by-virtualdc.ru | Not listed | AS48108 VIRTUALDC | RU | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2021-08-01 09:17:08 | http://winfyn10.top/downfiles/lv.exe | Offline | 32 DanaBot  exe |  zbetcheckin |
| 2021-08-01 09:17:05 | http://winfyn10.top/download.php?file=lv.exe | Offline | 32 exe | zbetcheckin |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2021-08-01 17:44:59 | d33336905c29588a28620ae7bca11c90214a928d36fbde3afa3890ff7b2fb3c8 | exe | DanaBot | |
| 2021-08-01 13:15:25 | 48e20a43a55f81f5adb33616e72190509c7647216daf69c0095d1270fe66381a | exe | DanaBot | |
| 2021-08-01 10:05:11 | 11a3ec7e77a518bf03da7384646898e4708e9ad77ecca7e4a32dfd0c484e8259 | exe | DanaBot | |
| 2021-08-01 09:17:06 | d61176ad7367c227cd55914c24fb5584d01b17cef989648c8274665b630ea9aa | exe | DanaBot |