URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name). This page shows all malware URLs that are associated with the host 192.162.244.196.

Database Entry


Host:192.162.244.196
Spamhaus DBL:Unknown
SURBL:Not listed
Firstseen:2018-11-13 17:21:01 UTC

IP addresses


The table below shows all IP address obsered for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones).

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2018-11-13 17:21:02192.162.244.196Not listedAS16262 DATACHEAP-LLC-AS- RUyes

Malware URLs


The table below shows all malware URLs that are associated with this particulare host.

Dateadded (UTC)URLStatusTagsGSBReporter
2019-01-23 11:14:12http://192.162.244.196/YER/pelim.php?l=tyro2.wosOfflineexe Gozi ursnif Clean@de_aviation
2018-11-13 17:21:06http://192.162.244.196/YER/pelim.php?l=tyro1.wosOfflineexe Gozi ursnif Clean@de_aviation
2018-11-13 17:21:06http://192.162.244.196/YER/pelim.php?l=tyro3.wosOfflineexe Gozi ursnif Clean@de_aviation
2018-11-13 17:21:05http://192.162.244.196/YER/pelim.php?l=tyro4.wosOfflineexe Gozi ursnif Clean@de_aviation
2018-11-13 17:21:04http://192.162.244.196/YER/pelim.php?l=tyro5.wosOfflineexe Gozi ursnif Clean@de_aviation
2018-11-13 17:21:03http://192.162.244.196/YER/pelim.php?l=tyro6.wosOfflineexe Gozi ursnif Clean@de_aviation
2018-11-13 17:21:02http://192.162.244.196/YER/pelim.php?l=tyro7.wosOfflineexe Gozi ursnif Clean@de_aviation