URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | 2.56.59.218 |
|---|---|
| Firstseen: | 2022-02-16 09:05:03 UTC |
| Total malware sites : | 1 |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2022-02-16 09:05:04 | 2.56.59.218 | Not listed | AS3758 SINGNET |  SG | yes |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2022-02-16 09:05:04 | http://2.56.59.218/xmin.exe | Offline | exe Formbook  |  abuse_ch |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2022-02-20 17:08:37 | 136935297fa08738f6957068951067c699c91b2902f3ea14da650289cabfd29d | exe | Formbook | |
| 2022-02-18 12:27:39 | bb81812044069608e1ba320fcb7b878c5b6895f5bf91c93027ab4161042d01c7 | exe | Formbook | |
| 2022-02-18 02:00:42 | cd4c3c2bd35873b1645f1c991feb8c9bd6a0e920b64075114c26ea8e74a4c1c4 | exe | Formbook | |
| 2022-02-17 08:04:08 | 6370ffa17cea91839f8a40555da2ef41f0e97d539e4bdc60871a7783abcdd7f6 | exe | Formbook | |
| 2022-02-16 09:05:04 | 826837df6dde8385f31f1a25df7ebdf946b9519af3142bfb87d4b9196f3822f1 | exe | Formbook |