URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: www.xiaz.xyz
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Blocked
AdGuard :Blocked
Cloudflare :Blocked
ProtonDNS :Blocked
OpenBLD :Blocked
DNS4EU :Blocked
Control D HaGeZi :Not blocked
Firstseen:2021-08-03 12:19:05 UTC
Total malware sites :8
Online malware sites :0 (0%)
Offline Malware sites :8 (100%)
A record(s) observed :3

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2025-10-27 09:55:08 13.248.169.48a904c694c05102f30.awsglobalaccelerator.comNot listedAS16509 AMAZON-02- USyes
2025-10-27 09:55:08 76.223.54.146a904c694c05102f30.awsglobalaccelerator.comNot listedAS16509 AMAZON-02- USyes
2021-08-03 12:19:06 185.239.243.112ns1.20mb.nlNot listedAS212238 CDNEXT- USno

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2021-08-06 05:36:04http://www.xiaz.xyz/mazx.exeOfflineexe Formbook ext abuse_ch
2021-08-05 16:21:06http://www.xiaz.xyz/securebagzx.exeOfflineexe RedLineStealer ext abuse_ch
2021-08-05 14:03:08http://www.xiaz.xyz/usermasabikzx.exeOfflineAgentTesla ext exe abuse_ch
2021-08-04 15:44:09http://www.xiaz.xyz/assadzx.exeOffline32 exe RedLineStealer ext SnakeKeylogger ext zbetcheckin
2021-08-04 12:09:04http://www.xiaz.xyz/blaqzx.exeOffline32 AgentTesla ext exe zbetcheckin
2021-08-04 06:07:04http://www.xiaz.xyz/whesilox.exeOfflineAgentTesla ext exe SnakeKeylogger ext abuse_ch
2021-08-03 15:01:03http://www.xiaz.xyz/arinzex.exeOfflineexe SnakeKeylogger ext abuse_ch
2021-08-03 12:19:06http://www.xiaz.xyz/templezx.exeOfflineSnakeKeylogger ext Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2021-08-06 05:36:0434ff91c0be47c6edae673081f4814ca9b7432d6db4975ab66a911f36fe481d70exeFormbook
2021-08-05 22:30:1334424457e08f19db15e9901f47deb53a4dac3ba8646ef3d07f753e1316b83f33exeSnakeKeylogger
2021-08-05 16:21:0636b9146fd7d45954b83a4da982270bc9274240acf44a683ef71e7387f784053aexeRedLineStealer
2021-08-05 14:03:088d71a665c2ff60a659ff0854cf31bf09d955714611c2ee3fe9b884fb7c89b0beexeAgentTesla
2021-08-05 03:58:23abe9a4eedd2ea6ef8709bcdae2f75ee543cc536b0db5dd128af6e07d4c4afda5exe SnakeKeylogger
2021-08-05 03:55:398c97d61551833fb8f5c8c3c44c731881104885a390623816a7d57f964b1d4ed5exeAgentTesla
2021-08-05 02:31:263dcc92f9ed4dd25bd23b5dcf963123d01839d0f0c4579d411516fb7e795d5aa3exe AgentTesla
2021-08-05 02:20:507c2c9671c5e0b03d86977ecc6886c7bda5b9b6a1047285995547263ec5181987exe RedLineStealer
2021-08-05 01:21:384e28b14785e16aa7847a61d1597039b9a9411f26ae95f3183a09396ebd80ce2dexeSnakeKeylogger
2021-08-04 15:44:09a1620dcffe511b88c80a6086691eca79f7a66edad2196ab265bba7278f2e431aexeRedLineStealer
2021-08-04 12:09:049b9e02a40d66398a2d29e0f0b89e83e092180ee0ebed9b1c5ca31de4697954c5exeAgentTesla
2021-08-04 10:09:452b11af50940dfbbbb719e4384a30ac7134fb70c774d683ada5dd995728d32071exe SnakeKeylogger
2021-08-04 10:08:34bafc3525c6c5bd45beddc3523c76bba57ab58d430430a39ddfd6c4bab1ddea91exeSnakeKeylogger
2021-08-04 10:02:031198be03895c0c5c74e45bfd5c6bcb0200b565125df33c7f60d18cd4a0fd56f2exeSnakeKeylogger
2021-08-04 06:07:0491b9b4c57bd2445d348d1621c4a280ba3e8a7163dc395a61eeaecee72405c90dexeSnakeKeylogger
2021-08-03 22:08:295c76aef388b4a8cdd706e882c0e441389c8730c36d17450d80e566d81095cac0exeSnakeKeylogger
2021-08-03 15:01:0313aab3a85fad74125b5a8df79c20803d6889be8d165d4d7d02a0a117fdfacd13exeSnakeKeylogger
2021-08-03 12:19:0664ac9c177f8a0350a1b011ae075941890b0dd231152e5aee5e33068df86ee4d8exeSnakeKeylogger