URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | zzz.alie3ksgdd.com |
|---|---|
| Domain registrar: | Xin Net |
| Domain registration date: | 2023-08-15 04:08:10 UTC |
| Abuse complaint sent to registrar: | Yes (2023-08-18 20:51:02 UTC to supervision{at}xinnet[dot]com) |
| Domain registry: | VeriSign Global Registry Services |
| Abuse complaint sent to registry: | Yes (2023-08-18 20:51:02 UTC to info{at}verisign-grs[dot]com) |
| Spamhaus DBL: | Not blocked |
| SURBL: | Not blocked |
| Quad9: | Status unknown |
| AdGuard: | Not blocked |
| Cloudflare: | Blocked |
| ProtonDNS: | Status unknown |
| OpenBLD: | Not blocked |
| DNS4EU: | Blocked |
| Control D HaGeZi: | Not blocked |
| Firstseen: | 2023-08-18 20:48:04 UTC |
| Total malware sites: | 2 |
| Online malware sites: | 0 (0%) |
| Offline malware sites: | 2 (100%) |
| A record(s) observed: | 2 |
IP addresses
The table below shows all IP addresses observed for this particular host (in case the host is a domain name, all A records will be listed, including all historical ones). Please note that the output is limited to 10 entries.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2023-08-18 20:48:06 | 104.21.54.252 | | Not listed | AS13335 CLOUDFLARENET | n/a | no |
| 2023-08-18 20:48:07 | 172.67.143.192 | | Not listed | AS13335 CLOUDFLARENET | n/a | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2023-08-20 04:15:06 | https://zzz.alie3ksgdd.com/m/okka25.exe | Offline | 64 exe fabookie | |
| 2023-08-18 20:48:07 | http://zzz.alie3ksgdd.com/m/okka25.exe | Offline | dropped-by-PrivateLoader fabookie |
The table below shows recent payloads delivered by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2023-08-22 04:33:20 | e41f5729a7ff7cc2b251abbd4de70d237239e4486c37bf47bc53ac3ed44f620d | exe | Fabookie | |
| 2023-08-22 04:07:37 | e41f5729a7ff7cc2b251abbd4de70d237239e4486c37bf47bc53ac3ed44f620d | exe | Fabookie | |
| 2023-08-21 14:37:54 | d117e234ed8a65fe05b3e3adbcb47f04be934572084706b86a3ba5a42eae2629 | exe | Fabookie | |
| 2023-08-21 13:44:23 | d117e234ed8a65fe05b3e3adbcb47f04be934572084706b86a3ba5a42eae2629 | exe | Fabookie | |
| 2023-08-20 11:49:25 | 81b5941968b524ce0c043f6a431d362ae347d9c25e7b1b1fde151241abd68056 | exe | Fabookie | |
| 2023-08-20 10:22:19 | 81b5941968b524ce0c043f6a431d362ae347d9c25e7b1b1fde151241abd68056 | exe | Fabookie | |
| 2023-08-20 05:48:21 | f422f73ee1f1f5d1a31181d93384c7a81527c71cb95c04a6bd8b5859f9dae942 | exe | Fabookie | |
| 2023-08-19 02:50:47 | f422f73ee1f1f5d1a31181d93384c7a81527c71cb95c04a6bd8b5859f9dae942 | exe | Fabookie | |
| 2023-08-18 20:48:06 | 33a6a6fd4d40d8a987cc5614b36b72bc5bd50ccce2dd0a228776793ab9b4d1c3 | exe | Fabookie |

