URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	195.178.120.35
Firstseen:	2022-09-17 05:49:03 UTC
Total malware sites :	5
Online malware sites :	0 (0%)
Offline Malware sites :	5 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2022-09-17 05:49:04	195.178.120.35		Not listed	AS210218 OpenFiber-Italy	IT	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-09-18 01:37:05	http://195.178.120.35/Pzdcee.exe	Offline	exe zgRAT	zbetcheckin
2022-09-18 01:23:04	http://195.178.120.35/Turen_2022-09-13_07-54.exe	Offline	32 Amadey exe	zbetcheckin
2022-09-17 05:50:07	http://195.178.120.35/Turen_2022-09-14_07-48.exe	Offline	Amadey exe	abuse_ch
2022-09-17 05:49:04	http://195.178.120.35/Oobin.exe	Offline	exe PureCrypter	abuse_ch
2022-09-17 05:49:04	http://195.178.120.35/Oobin_Iclzfzgq.jpg	Offline	encrypted PureCrypter	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2022-09-18 01:37:05	3fba4c2bac1363433553b57b389916f759be99e350e8003bf3d2a5584ebe5f46	exe	zgRAT
2022-09-18 01:23:04	0321da385d5c03cea287316cabb9190060cdb444a9816121ede86ec31bcbfdc7	exe	Amadey
2022-09-17 05:50:07	f6669b53bb3d32d45755dc5407e50c8ebd2ec82d98ce37136c495dfac3a403d6	exe	Amadey
2022-09-17 05:49:04	da545aa1404714dab8b60c17ee4a94e204ae6af2d9bd0c64501f261b71b8709a	exe	PureCrypter
2022-09-17 05:49:04	0faca242b426295d6bc86d5e7152750fb8623b003946f2f4a9dba4f3ec158186	unknown