URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	37.139.128.115
Firstseen:	2022-11-04 17:28:04 UTC
Total malware sites :	5
Online malware sites :	0 (0%)
Offline Malware sites :	5 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2022-11-04 17:28:05	37.139.128.115		Not listed	AS214238 iwihost	BG	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-11-11 19:12:04	http://37.139.128.115/530/vbc.exe	Offline	exe Loki	abuse_ch
2022-11-11 10:27:04	http://37.139.128.115/540/vbc.exe	Offline	exe Loki opendir	abuse_ch
2022-11-10 12:45:05	http://37.139.128.115/460/vbc.exe	Offline	exe Loki opendir	abuse_ch
2022-11-09 07:20:05	http://37.139.128.115/320/vbc.exe	Offline	exe Loki opendir	abuse_ch
2022-11-04 17:28:05	http://37.139.128.115/270/vbc.exe	Offline	exe Loki opendir	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2022-11-11 19:12:04	e4680e26cc89886c7bcfcc9145902d92c5232f3572970d8d0b60ee3ff2e9d89a	exe	Loki
2022-11-11 10:27:04	6353d61171d730f2ed3c5364c12eec663d8bc714a5056b3488cbb932f4b8a9cf	exe	Loki
2022-11-10 12:45:05	a264b56a0ef15588454be70e1f8eebb1d2625da151a46d7e8d5f7e8b411928a5	exe	Loki
2022-11-09 07:20:05	222b8b814a32347ab31d4a3174b67ee762ddfaae34e49ef21397ebfafa2328f5	exe	Loki
2022-11-04 17:28:04	851399d3886fbccd6ef4e729d330adc53e796f8c69dfae9184f9d2b580558a30	exe	Loki