URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	185.242.104.78
Firstseen:	2020-03-27 07:42:10 UTC
Total malware sites :	6
Online malware sites :	0 (0%)
Offline Malware sites :	6 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2020-03-27 07:42:12	185.242.104.78		Not listed	AS42532 VEESP-LV-AS	LV	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2020-04-03 13:13:16	http://185.242.104.78/fuwa/Remtc_encrypted_63B4...	Offline	encrypted GuLoader	abuse_ch
2020-03-27 16:48:11	http://185.242.104.78/wftp/hamkyyu_encrypted_18...	Offline		JayTHL
2020-03-27 16:48:08	http://185.242.104.78/wftp/kayslimmmm_encrypted...	Offline		JayTHL
2020-03-27 16:48:05	http://185.242.104.78/wftp/out-571924757.hta	Offline		JayTHL
2020-03-27 16:48:03	http://185.242.104.78/wftp/out-756898907.hta	Offline		JayTHL
2020-03-27 07:42:12	http://185.242.104.78/wftp/ekeneeee_encrypted_C...	Offline	encrypted GuLoader	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type
2020-03-27 16:48:11	a053245e1ca52d72e986588fb061473547391c5f5fe3d14c40877370a1decaf8	unknown
2020-03-27 16:48:08	95d546cb6ae084cd6e353c0bce321497e84d0c80ed2015019e7cd8472b3a3a86	unknown
2020-03-27 07:42:12	59cccd461943d5e77b63666da5ec1d4893c1e7053fa07bcf720b63a3f7d23e03	unknown