URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | 45.141.239.26 |
|---|---|
| Firstseen: | 2022-06-28 09:05:03 UTC |
| Total malware sites : | 3 |
| Online malware sites : | 0 (0%) |
| Offline Malware sites : | 3 (100%) |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2022-06-28 09:05:04 | 45.141.239.26 | Not listed | AS201838 ASN-COMMUNITYFIBRE |  GB | yes |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2022-07-04 18:18:05 | http://45.141.239.26/loader.exe | Offline | exe Formbook  zgRAT |  abuse_ch |
| 2022-07-04 18:12:04 | http://45.141.239.26/dl.exe | Offline | a310Logger BluStealer exe zgRAT | abuse_ch |
| 2022-06-28 09:05:04 | http://45.141.239.26/client.exe | Offline | exe Formbook | abuse_ch |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2022-07-06 08:35:45 | 525e2076a92b780348847e1277946f8bac2aa27bfcc4b793279e22c277780694 | exe | zgRAT | |
| 2022-07-06 08:35:03 | 038022c6f5c04dba6aa5b9289461209678a511329ad714ac45b132ad64ab8d60 | exe | zgRAT | |
| 2022-07-04 18:18:05 | 54dd1a6be86907485cb1f716306eb8918116f873a9382e10d92f6632491c1074 | exe | Formbook | |
| 2022-07-04 18:12:04 | 72a787a3953e4b74aa9c88834e25af4c5f85a02896372e467a06bb092ebf6382 | exe | a310Logger | |
| 2022-06-28 09:05:04 | b742fa6347613773ab172e17d85e43d66036a4b3a037a13aa7acaae631075e8f | exe | Formbook |