URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-10-03 19:56:01	82.67.39.194	tok69-2_migr-82-67-39-194.fbx.proxad.net	Not listed	AS12322 PROXAD	FR	yes

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2025-10-04 16:03:18	http://82.67.39.194:12345/AV.scr	Offline	CoinMiner	Riordz
2025-10-04 05:10:54	http://82.67.39.194:12345/Video.scr	Offline	CoinMiner	Riordz
2025-10-04 04:55:53	http://82.67.39.194:12345/Photo.lnk	Offline	CoinMiner	Riordz
2025-10-04 04:45:06	http://82.67.39.194:12345/Video.lnk	Offline	CoinMiner	Riordz
2025-10-04 04:34:05	http://82.67.39.194:12345/AV.lnk	Offline	CoinMiner	Riordz
2025-10-04 03:02:09	http://82.67.39.194:12345/Photo.scr	Online	CoinMiner	threatquery
2025-10-03 19:56:01	http://82.67.39.194:12345/info.zip	Online	CoinMiner zip	Riordz

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2026-05-06 21:55:42	58f8a257f45daff12496ac7ede72a7380264d8f37628b0065426255324e70c19	exe		CoinMiner
2025-12-19 05:22:19	cfd4ea23192f65be29e33e4458956f58346526fa26b7f9554d43ac88b76f339b	exe		CoinMiner
2025-10-04 03:02:09	1ef23ef9660ff21212cda19a2d12b2bd72626925ecb7e3fdc51f90bbcaf1e5ad	exe		CoinMiner
2025-10-03 19:56:00	3b39314fa8b30db815fefbcc130f28bf2bd51d06939ab9545cc63d35acdf75df	zip