URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	42.115.68.140
Firstseen:	2020-01-14 07:05:22 UTC
Total malware sites :	26
Online malware sites :	0 (0%)
Offline Malware sites :	26 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2020-01-14 07:05:30	42.115.68.140		Not listed	AS18403 FPT-AS-AP	VN	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2020-10-01 00:08:04	http://42.115.68.140:58306/Mozi.m	Offline	elf gafgyt Mozi	lrz_urlhaus
2020-09-28 22:52:08	http://42.115.68.140:58306/Mozi.a	Offline	elf gafgyt Mozi	lrz_urlhaus
2020-09-24 21:08:04	http://42.115.68.140:48232/Mozi.m	Offline	elf gafgyt Mozi	lrz_urlhaus
2020-09-05 19:34:04	http://42.115.68.140:57627/Mozi.m	Offline	elf gafgyt Mozi	lrz_urlhaus
2020-09-02 14:19:04	http://42.115.68.140:35438/Mozi.a	Offline	elf gafgyt Mozi	lrz_urlhaus
2020-08-18 02:04:20	http://42.115.68.140:35438/Mozi.m	Offline	elf gafgyt Mozi	lrz_urlhaus
2020-08-12 11:41:08	http://42.115.68.140:43561/Mozi.a	Offline	elf gafgyt Mozi	lrz_urlhaus
2020-08-03 12:04:13	http://42.115.68.140:43561/Mozi.m	Offline	gafgyt Mozi	Gandylyan1
2020-07-20 15:04:39	http://42.115.68.140:56775/Mozi.m	Offline	gafgyt Mozi	Gandylyan1
2020-06-21 06:04:13	http://42.115.68.140:57804/Mozi.m	Offline	gafgyt Mozi	Gandylyan1
2020-06-14 12:03:40	http://42.115.68.140:47193/Mozi.m	Offline	gafgyt Mozi	Gandylyan1
2020-05-13 09:05:06	http://42.115.68.140:57519/Mozi.m	Offline	gafgyt Mozi	Gandylyan1
2020-04-22 21:06:21	http://42.115.68.140:42573/Mozi.m	Offline	elf gafgyt Mozi	Gandylyan1
2020-04-03 18:05:18	http://42.115.68.140:41030/Mozi.m	Offline	elf gafgyt Mozi	Gandylyan1
2020-03-15 21:03:54	http://42.115.68.140:58882/Mozi.m	Offline	elf gafgyt Mozi	Gandylyan1
2020-03-07 15:05:11	http://42.115.68.140:40007/Mozi.m	Offline	elf gafgyt Mozi	Gandylyan1
2020-02-23 02:04:24	http://42.115.68.140:57617/Mozi.m	Offline	elf gafgyt Mozi	Gandylyan1
2020-02-22 02:04:15	http://42.115.68.140:36054/Mozi.m	Offline	elf gafgyt Mozi	Gandylyan1
2020-02-13 16:06:11	http://42.115.68.140:57649/Mozi.m	Offline	elf gafgyt Mozi	Gandylyan1
2020-02-10 16:06:38	http://42.115.68.140:38115/Mozi.m	Offline	elf gafgyt Mozi	Gandylyan1
2020-02-07 22:04:22	http://42.115.68.140:45043/Mozi.m	Offline	elf gafgyt Mozi	Gandylyan1
2020-02-05 12:10:26	http://42.115.68.140:53858/Mozi.m	Offline	elf gafgyt Mozi	Gandylyan1
2020-01-31 01:05:00	http://42.115.68.140:47643/Mozi.m	Offline	elf gafgyt Mozi	Gandylyan1
2020-01-28 03:05:10	http://42.115.68.140:59806/Mozi.m	Offline	elf gafgyt Mozi	Gandylyan1
2020-01-23 08:07:06	http://42.115.68.140:33523/Mozi.m	Offline	elf gafgyt Mozi	Gandylyan1
2020-01-14 07:05:30	http://42.115.68.140:49578/Mozi.m	Offline	elf gafgyt Mozi	Gandylyan1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2020-10-01 00:08:04	c6f6ca23761292552e6ea5f12496dc9c73374be0c5f9d0b2142ca3ae0bb8fe14	elf	Gafgyt
2020-09-28 22:52:08	c6f6ca23761292552e6ea5f12496dc9c73374be0c5f9d0b2142ca3ae0bb8fe14	elf	Gafgyt
2020-09-24 21:08:04	c6f6ca23761292552e6ea5f12496dc9c73374be0c5f9d0b2142ca3ae0bb8fe14	elf	Gafgyt
2020-09-05 19:34:04	c6f6ca23761292552e6ea5f12496dc9c73374be0c5f9d0b2142ca3ae0bb8fe14	elf	Gafgyt
2020-09-02 14:19:04	c6f6ca23761292552e6ea5f12496dc9c73374be0c5f9d0b2142ca3ae0bb8fe14	elf	Gafgyt
2020-08-18 02:04:20	c6f6ca23761292552e6ea5f12496dc9c73374be0c5f9d0b2142ca3ae0bb8fe14	elf	Gafgyt
2020-08-12 11:41:08	c6f6ca23761292552e6ea5f12496dc9c73374be0c5f9d0b2142ca3ae0bb8fe14	elf	Gafgyt
2020-08-03 12:04:13	c6f6ca23761292552e6ea5f12496dc9c73374be0c5f9d0b2142ca3ae0bb8fe14	elf	Gafgyt
2020-07-20 15:04:39	c6f6ca23761292552e6ea5f12496dc9c73374be0c5f9d0b2142ca3ae0bb8fe14	elf	Gafgyt
2020-06-21 06:04:13	c6f6ca23761292552e6ea5f12496dc9c73374be0c5f9d0b2142ca3ae0bb8fe14	elf	Gafgyt
2020-06-14 12:03:40	c6f6ca23761292552e6ea5f12496dc9c73374be0c5f9d0b2142ca3ae0bb8fe14	elf	Gafgyt
2020-05-13 09:05:06	c6f6ca23761292552e6ea5f12496dc9c73374be0c5f9d0b2142ca3ae0bb8fe14	elf	Gafgyt
2020-04-22 21:06:21	c6f6ca23761292552e6ea5f12496dc9c73374be0c5f9d0b2142ca3ae0bb8fe14	elf	Gafgyt
2020-04-03 18:05:18	c6f6ca23761292552e6ea5f12496dc9c73374be0c5f9d0b2142ca3ae0bb8fe14	elf	Gafgyt
2020-03-15 21:03:54	c6f6ca23761292552e6ea5f12496dc9c73374be0c5f9d0b2142ca3ae0bb8fe14	elf	Gafgyt
2020-03-07 15:05:11	c6f6ca23761292552e6ea5f12496dc9c73374be0c5f9d0b2142ca3ae0bb8fe14	elf	Gafgyt
2020-02-23 02:04:24	c6f6ca23761292552e6ea5f12496dc9c73374be0c5f9d0b2142ca3ae0bb8fe14	elf	Gafgyt
2020-02-22 02:04:15	c6f6ca23761292552e6ea5f12496dc9c73374be0c5f9d0b2142ca3ae0bb8fe14	elf	Gafgyt
2020-02-13 16:06:11	c6f6ca23761292552e6ea5f12496dc9c73374be0c5f9d0b2142ca3ae0bb8fe14	elf	Gafgyt
2020-02-10 16:06:38	c6f6ca23761292552e6ea5f12496dc9c73374be0c5f9d0b2142ca3ae0bb8fe14	elf	Gafgyt
2020-02-07 22:04:22	c6f6ca23761292552e6ea5f12496dc9c73374be0c5f9d0b2142ca3ae0bb8fe14	elf	Gafgyt
2020-02-05 12:10:26	c6f6ca23761292552e6ea5f12496dc9c73374be0c5f9d0b2142ca3ae0bb8fe14	elf	Gafgyt
2020-01-31 01:05:00	c6f6ca23761292552e6ea5f12496dc9c73374be0c5f9d0b2142ca3ae0bb8fe14	elf	Gafgyt
2020-01-28 03:05:10	c6f6ca23761292552e6ea5f12496dc9c73374be0c5f9d0b2142ca3ae0bb8fe14	elf	Gafgyt
2020-01-23 08:07:06	c6f6ca23761292552e6ea5f12496dc9c73374be0c5f9d0b2142ca3ae0bb8fe14	elf	Gafgyt
2020-01-14 18:37:37	285d3ca6572e18556e5e426605b357dcce06fdfec2123864c782ce63f7f578e5	elf
2020-01-14 08:15:16	3c4e1704c3ddd0ee2daced74abf7e344e50e8fb6ab495f400eb4a5e94acf86d2	elf
2020-01-14 07:05:28	c6f6ca23761292552e6ea5f12496dc9c73374be0c5f9d0b2142ca3ae0bb8fe14	elf	Gafgyt