URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | 149.88.87.137 |
|---|---|
| Firstseen: | 2024-06-28 06:50:08 UTC |
| Total malware sites : | 2 |
| Online malware sites : | 0 (0%) |
| Offline Malware sites : | 2 (100%) |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2024-06-28 06:50:23 | 149.88.87.137 | Not listed | AS401696 COGNETCLOUD |  HK | yes |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2024-06-28 06:50:30 | http://149.88.87.137/3.exe | Offline | exe farfli Gh0stRAT |  NDA0E |
| 2024-06-28 06:50:23 | http://149.88.87.137/5.exe | Offline | exe Gh0stRAT | NDA0E |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2024-06-28 06:50:20 | d3af6e62ef3ce968da90beb9be44b04948b996c3dda893ba425a1147eb7696ad | exe | Gh0stRAT | |
| 2024-06-28 06:50:18 | 0af21e5bdeaf84c33c172a1170987cca478c2b3e13a3de5653f724f36e278ee4 | exe | Gh0stRAT |