URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (when the malware URL is hosted directly on an IP address and doesn't use a domain name).

Database Entry


Host: 79.110.49.55
Firstseen: 2023-06-25 07:02:04 UTC
Total malware sites: 11
Online malware sites: 0 (0%)
Offline malware sites: 11 (100%)

IP addresses


The table below shows all IP addresses observed for this particular host (if the host is a domain name, all A records are listed, including all historical ones). Please note that the output is limited to 10 entries.

Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active?
2023-06-25 07:02:07 | 79.110.49.55 |  | Not listed | AS399486 VIRTUO | FR | yes

Malware URLs


The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC) | URL | Status | Tags | Reporter
2023-07-25 18:00:13 | http://79.110.49.55/kngeeog.txt | Offline | AgentTesla ext | abuse_ch
2023-07-24 15:48:11 | http://79.110.49.55/abyx.vbs | Offline | ascii vbs | abuse_ch
2023-07-21 05:49:05 | http://79.110.49.55/nigazxbb.vbs | Offline |  | abuse_ch
2023-07-18 06:49:06 | http://79.110.49.55/kwen.vbs | Offline | AgentTesla ext vbs | abuse_ch
2023-07-08 09:44:08 | http://79.110.49.55/nbvzfip.txt | Offline | AgentTesla ext HTI | JAMESWT_MHT
2023-07-07 06:22:09 | http://79.110.49.55/nde.txt | Offline | AgentTesla ext HTI | abuse_ch
2023-07-06 15:01:12 | http://79.110.49.55/aby.txt | Offline | AgentTesla ext HTI | abuse_ch
2023-07-06 15:01:10 | http://79.110.49.55/yhkld.vbs | Offline | AgentTesla ext HTI | abuse_ch
2023-07-04 15:57:06 | http://79.110.49.55/oplasx.vbs | Offline | AgentTesla ext HTI | abuse_ch
2023-07-04 06:52:07 | http://79.110.49.55/simolz.txt | Offline | ascii Encoded HTI Loki ext | abuse_ch
2023-06-25 07:02:07 | http://79.110.49.55/mynes.txt | Offline | AgentTesla ext ascii Encoded HTI | abuse_ch

The table below shows recent payloads delivered by this host.
