URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | 145.239.92.106 |
|---|---|
| Firstseen: | 2020-12-14 08:12:03 UTC |
| Total malware sites : | 10 |
| Online malware sites : | 0 (0%) |
| Offline Malware sites : | 10 (100%) |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2020-12-14 08:12:07 | 145.239.92.106 | Not listed | AS16276 OVH |  PL | yes |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2020-12-14 08:12:09 | http://145.239.92.106/stresser.exe | Offline | exe opendir orcusrat |  abuse_ch |
| 2020-12-14 08:12:09 | http://145.239.92.106/Chlebeek.exe | Offline | exe opendir orcusrat | abuse_ch |
| 2020-12-14 08:12:09 | http://145.239.92.106/uzi.exe | Offline | exe opendir orcusrat | abuse_ch |
| 2020-12-14 08:12:09 | http://145.239.92.106/bonek.exe | Offline | exe opendir | abuse_ch |
| 2020-12-14 08:12:08 | http://145.239.92.106/nitro.exe | Offline | exe opendir orcusrat | abuse_ch |
| 2020-12-14 08:12:08 | http://145.239.92.106/op.exe | Offline | exe opendir orcusrat | abuse_ch |
| 2020-12-14 08:12:07 | http://145.239.92.106/msconfig.exe | Offline | exe NanoCore  opendir | abuse_ch |
| 2020-12-14 08:12:07 | http://145.239.92.106/xx.exe | Offline | exe NanoCore opendir | abuse_ch |
| 2020-12-14 08:12:07 | http://145.239.92.106/winver.exe | Offline | exe opendir QuasarRAT | abuse_ch |
| 2020-12-14 08:12:07 | http://145.239.92.106/svchost.exe | Offline | exe opendir QuasarRAT | abuse_ch |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2020-12-14 08:12:09 | e199b52c6e53f641ac035a22bc75963d32bfb70dfb8a64a2cbf7d3efc9c1358a | exe | OrcusRAT | |
| 2020-12-14 08:12:09 | d92ee183633151e24c7ab0e670f8cd15f41defcf9b927780176d9b7bbe3c97f1 | exe | OrcusRAT | |
| 2020-12-14 08:12:09 | b9657cd9005b01b162ce90306ba1b7c7c3df3551fba5f008efd780086f461e72 | exe | OrcusRAT | |
| 2020-12-14 08:12:09 | 0df0d374f175e8a68ef53d8b6f278cc2545c8113dee0f165e600a9e02c2b9493 | exe | ||
| 2020-12-14 08:12:08 | f7e7dfe0a2e59a746679694100b4549408a7e5513d3b1cf4bee0ba981f5e1703 | exe | OrcusRAT | |
| 2020-12-14 08:12:08 | 2060ac076d0fc563f875a2256d6fc88d0b5609df077e8313388b12f6221a3a75 | exe | OrcusRAT | |
| 2020-12-14 08:12:07 | 1735709e4b496d80858a5d3cbcf9e7aef536ff439fa04d28be863dd3135dee61 | exe | QuasarRAT | |
| 2020-12-14 08:12:05 | e808cb65f0d9cfb0ad81859c512c742306bf368fe52759b941c8377e3543b4b8 | exe | NanoCore | |
| 2020-12-14 08:12:05 | 40cc763f35575e2b9fdcd00d992be89dbe0ea5ea65f15d8a915377f8a880dbbb | exe | QuasarRAT | |
| 2020-12-14 08:12:04 | f65cddf79d3fbdeff4d578f13fe856830c064df132612aaf79933564aa8e568f | exe | NanoCore |