URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: zukutu02.top
Domain registrar:NICENIC -
Domain registration date:2021-09-20 07:11:11 UTC
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Blocked
Cloudflare :Blocked
ProtonDNS :Status unknown
OpenBLD :Blocked
DNS4EU :Blocked
Control D HaGeZi :Not blocked
Firstseen:2021-09-28 06:06:05 UTC
Total malware sites :1
A record(s) observed :5

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2021-09-29 06:10:45 93.189.42.187Not listedAS41853 NTCOM-AS- RUno
2021-09-28 16:26:48 89.108.88.21389-108-88-213.cloudvps.regruhosting.ruNot listedAS197695 AS-REGRU- RUno
2021-09-28 08:44:42 185.185.71.183Not listedAS35278 SPRINTHOST- RUno
2021-09-28 07:08:00 45.147.201.20mg0.accdept.ox-m.oneNot listedAS51659 ASBAXET- RUno
2021-09-28 06:06:06 5.188.89.12Not listedAS216368 PINVDS- RUno

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2021-09-28 06:06:06http://zukutu02.top/downfiles/file.exeOffline32 cryptbot DanaBot ext exe zbetcheckin

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2021-09-28 17:56:09b04791153b4f7b15aff1c868064f087fbd1004f8c42aab3a577f9398623159ebexe DanaBot
2021-09-28 13:51:37e35c66e69f35b2084635460c15635cfb1820e903069bcf1f29e8693c6b96dd3cexe CryptBot
2021-09-28 10:19:28c3b9a8dde21bf3c1bb09426a261c77eb4b59cb2f36ac82e5b8f6b4a4d3565b5bexeCryptBot
2021-09-28 06:06:06e0bc481d34f12788300cff55706ef6352f59e3c206b930ca08b2f7c76af3e795exeCryptBot