URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | 81.70.35.72 |
|---|---|
| Firstseen: | 2024-06-14 11:44:06 UTC |
| Total malware sites: | 2 |
| Online malware sites: | 0 (0%) |
| Offline malware sites: | 2 (100%) |
IP addresses
The table below shows all IP addresses observed for this particular host (in case the host is a domain name, all A records will be listed, including all historical ones). Please note that the output is limited to 10 entries.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2024-06-14 11:44:14 | 81.70.35.72 | | Not listed | AS45090 TENCENT-NET-AP | CN | yes |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2024-09-28 08:23:06 | http://81.70.35.72/123.ps1 | Offline | CVE-2024-4577 opendir ps1 | |
| 2024-06-14 11:52:44 | http://81.70.35.72/help.scr | Offline | CoinMiner help.scr TellYouThePass | |
The table below shows recent payloads delivered by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2024-09-11 20:29:57 | fc096a7c17685c04ffeb12eb5bf3c5c4bd4f41e929a84cac0fa212464f1957d5 | exe | | |
| 2024-09-11 10:50:00 | fe798a7cba69a1cc98ba0dc7ef679117fbcb7aa705bffceeb9e2f4a9e735454c | exe | | |
| 2024-07-02 06:33:51 | 874adc0a9fd8270602a60ca04be4015a99aa3a4cf0031f6f9fde77d3d1782231 | exe | | |
| 2024-06-26 16:07:39 | 2b40e862b6ef11293cef266c3d5582135afb6fcb4660b2bd6f51ad08a93d259a | exe | CoinMiner | |
| 2024-06-24 12:19:22 | 9e08c825669c4ef6f5daf2018385ce3de81a4378f1ef041494df3f5f0ecc5a8c | exe | | |
| 2024-06-14 11:52:40 | d6350d8a664b3585108ee2b6f04f031d478e97a53962786b18e4780a3ca3da60 | exe | CoinMiner | |