URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	195.20.19.212
Firstseen:	2025-11-18 04:17:03 UTC
Total malware sites :	2
Online malware sites :	0 (0%)
Offline Malware sites :	2 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-11-18 04:17:07	195.20.19.212	gotouqgm-1942-3692	Not listed	AS201670 INFOTECH-GRUP	MD	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2025-12-24 07:28:22	http://195.20.19.212/r.txt	Offline		ranguli
2025-11-18 04:17:07	http://195.20.19.212/p.txt	Offline	elf geofenced ua-wget USA x86 Xorddos	botnetkiller

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2026-01-15 19:02:49	4a1dfdddfcee13ba78e8e21ed9f8ef1a5568fb241a60149e6cc9791f03ea8527	elf	XorDDoS
2026-01-14 06:55:30	11a193c69960b31d6835de4157001608179d8b4e0dc4f9199b50cf0f5bdb87b3	elf	XorDDoS
2026-01-08 07:46:22	5fefeaf30b8cd96607ee013a771c619d2bcba75e294f57e98ba86e8b40e51090	elf	XorDDoS
2025-12-21 14:54:06	69f17c943d7b5f987095d3c288e2e6e5e3f940ae2ce4c35cec24cde07695e977	elf	XorDDoS
2025-12-10 12:37:22	09898756f3e900900093fe4890680734f41ece38362912f4da2a3994a12a833e	elf	XorDDoS
2025-11-19 05:28:59	10e43894490d98a91f3d409a83d984556d619e91782333033ad3d7fb1b9def8b	elf	XorDDoS
2025-11-18 04:17:07	c3714fc0446a1adaedbc86e3dd0b2121e65b34cc3d40494f709c6873fa0d56bc	elf	XorDDoS