URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	91.213.50.74
Firstseen:	2022-12-20 07:45:05 UTC
Total malware sites :	43
Online malware sites :	0 (0%)
Offline Malware sites :	43 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2022-12-20 07:45:11	91.213.50.74		Not listed	AS49943 UNKNOWN	AE	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2023-09-08 09:55:10	http://91.213.50.74//CRYPS/Q9/dll3f3.txt	Offline		Anonymous
2023-09-08 09:55:09	http://91.213.50.74//CRYPS/Q9/PeF3.txt	Offline		Anonymous
2023-07-08 10:41:13	http://91.213.50.74/new/mofers/SP/Q2s.txt	Offline	HTI QuasarRAT	JAMESWT_MHT
2023-07-08 10:41:13	http://91.213.50.74/new/mofers/Rmz.txt	Offline	HTI RemcosRAT	JAMESWT_MHT
2023-07-08 10:41:13	http://91.213.50.74/new/mofers/T3.txt	Offline	HTI QuasarRAT	JAMESWT_MHT
2023-07-08 10:41:13	https://91.213.50.74/CRYPS/Q7/dllF3.txt	Offline	HTI	JAMESWT_MHT
2023-07-08 10:41:13	http://91.213.50.74/GREEN/RX/nuevadll.txt	Offline	HTI	JAMESWT_MHT
2023-07-08 10:41:13	http://91.213.50.74/new/mofers/R.txt	Offline	HTI RemcosRAT	JAMESWT_MHT
2023-07-08 10:41:13	https://91.213.50.74/CRYPS/Q7/QWER/dllf3.txt	Offline	HTI	JAMESWT_MHT
2023-07-08 10:41:13	http://91.213.50.74/new/mofers/Q7.txt	Offline	HTI QuasarRAT	JAMESWT_MHT
2023-07-08 10:41:13	http://91.213.50.74/new/mofers/Rm.txt	Offline	HTI RemcosRAT	JAMESWT_MHT
2023-07-08 10:41:12	https://91.213.50.74/CRYPS/QWERS/NEW23/Pef3.txt	Offline	HTI	JAMESWT_MHT
2023-07-08 10:41:12	http://91.213.50.74/new/mofers/Q1.txt	Offline	HTI QuasarRAT	JAMESWT_MHT
2023-07-08 10:41:12	https://91.213.50.74/CRYPS/QWERS/MASTERXLS/dll.txt	Offline	HTI	JAMESWT_MHT
2023-07-08 10:41:12	http://91.213.50.74/new/mofers/Async.txt	Offline	AsyncRAT HTI	JAMESWT_MHT
2023-07-08 10:41:12	http://91.213.50.74/new/mofers/Arrw.txt	Offline	AsyncRAT HTI	JAMESWT_MHT
2023-07-08 10:41:12	http://91.213.50.74/new/mofers/njx.txt	Offline	HTI njRAT	JAMESWT_MHT
2023-07-08 10:41:12	http://91.213.50.74/new/mofers/ZX2.txt	Offline	HTI njRAT	JAMESWT_MHT
2023-07-08 10:41:12	http://91.213.50.74/new/mofers/Nx.txt	Offline	HTI njRAT	JAMESWT_MHT
2023-07-08 10:41:12	http://91.213.50.74/new/mofers/SP/MC/BANDI99.txt	Offline	HTI njRAT	JAMESWT_MHT
2023-07-08 10:41:12	http://91.213.50.74/new/mofers/ny1.txt	Offline	HTI njRAT	JAMESWT_MHT
2023-07-08 10:41:12	https://91.213.50.74/CRYPS/QWERS/NEW24/Pe03.txt	Offline	HTI	JAMESWT_MHT
2023-07-08 10:41:12	http://91.213.50.74/new/mofers/Lx6.txt	Offline	Gozi HTI	JAMESWT_MHT
2023-07-08 10:41:12	https://91.213.50.74/CRYPS/QWERS/NEW25/crypdas.txt	Offline	HTI	JAMESWT_MHT
2023-07-08 10:41:12	https://91.213.50.74/CRYPS/QWERS/NEW24/dllF3.txt	Offline	HTI	JAMESWT_MHT
2023-07-08 10:41:11	https://91.213.50.74/CRYPS/Q7/QWER/PeF3.txt	Offline	HTI	JAMESWT_MHT
2023-07-08 10:41:11	https://91.213.50.74/CRYPS/Q7/PeF3.txt	Offline	HTI	JAMESWT_MHT
2023-07-08 10:41:11	https://91.213.50.74/CRYPS/QWERS/MASTERXLS/PeF3...	Offline	HTI	JAMESWT_MHT
2023-07-08 10:41:11	http://91.213.50.74/new/mofers/SP/nxj.txt	Offline	HTI njRAT	JAMESWT_MHT
2023-07-08 10:41:11	http://91.213.50.74/new/mofers/NJ.txt	Offline	HTI njRAT	JAMESWT_MHT
2023-07-08 10:41:11	http://91.213.50.74/new/mofers/Arhvn.txt	Offline	arrowrat HTI	JAMESWT_MHT
2023-07-08 10:41:11	http://91.213.50.74/new/mofers/L8.txt	Offline	Gozi HTI	JAMESWT_MHT
2023-07-08 09:44:08	http://91.213.50.74/CRYPS/QWERS/NEW24/dllF3.txt	Offline	HTI	JAMESWT_MHT
2023-07-08 09:44:06	http://91.213.50.74/new/mofers/njz.txt	Offline	HTI njRAT	JAMESWT_MHT
2023-07-08 09:44:06	http://91.213.50.74/CRYPS/QWERS/NEW24/Pe03.txt	Offline	HTI	JAMESWT_MHT
2022-12-21 17:44:03	http://91.213.50.74/GREEN/RX/F3Pe.txt	Offline	Encoded HTI opendir	abuse_ch
2022-12-21 17:44:03	http://91.213.50.74/GREEN/ZXC/ZAS/PeF3.txt	Offline	Encoded HTI opendir	abuse_ch
2022-12-21 17:44:03	http://91.213.50.74/GREEN/RXWER/fePe.txt	Offline	Encoded HTI opendir	abuse_ch
2022-12-21 17:44:03	http://91.213.50.74/GREEN/RX/F3dll.txt	Offline	ascii Encoded HTI opendir	abuse_ch
2022-12-21 17:44:03	http://91.213.50.74/GREEN/RXWER/dllf3.txt	Offline	ascii Encoded HTI opendir	abuse_ch
2022-12-21 17:44:03	http://91.213.50.74/GREEN/ZXC/ZAS/dllf3.txt	Offline	ascii Encoded HTI opendir	abuse_ch
2022-12-20 07:45:11	http://91.213.50.74/CRYPS/QWERS/MASTERXLS/PeF3N...	Offline	HTI opendir	abuse_ch
2022-12-20 07:45:11	http://91.213.50.74/CRYPS/QWERS/MASTERXLS/dll.txt	Offline	HTI opendir	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2023-09-08 09:55:10	13f41cb094f8309fe7dd8bd2f9fbd00b3ebba7cf1bc7c7e291bd66de47674209	txt
2023-09-08 09:55:09	2ec21015cffee98b03d33b86f65c0b526ed158dab745521dcf50a10d23d07808	unknown
2023-07-08 10:41:13	dbc597c5a4c532eb959740dffe368cf27605bb9793e30f87530d10efe1ebb8dc	txt	QuasarRAT
2023-07-08 10:41:13	e0bede137de510fa9d07894fc2475c5c38af0832cee1871239a2c8456ce7cf20	txt	RemcosRAT
2023-07-08 10:41:13	a5b87e0f2c2c7af9a3cb1985d40189cbff8570eb422f3c2d57c0c2075dfad868	txt	QuasarRAT
2023-07-08 10:41:13	495111e2591171e474a815e040b4587d11d5e977a15e7113580de3fcfb9ac31f	txt
2023-07-08 10:41:13	bc21f48e11d231619118d5da2ce1d12e280df3d17bcc941c61573268d8767140	txt
2023-07-08 10:41:13	04fb07737340a94a11abb38b3974a769fd279ff55584d8d49a13b75db08c3a03	txt	RemcosRAT
2023-07-08 10:41:13	48c3854a498d317a6c0c080fcf3524a92b4f3832f0fdd9481818deaff1153c46	txt
2023-07-08 10:41:13	8a66611c1d86e124ae32ce868c14233d207214cb76b4db455b61ec5560997b29	txt	QuasarRAT
2023-07-08 10:41:13	aca4b3dbb9a0b1906c0dce0611793cbb0185e1488d3be8dbbeb2675f9e1cdeaa	txt	RemcosRAT
2023-07-08 10:41:12	22ab868dc3bb87e327d0de4d0aedddc70200d47d926ce214aab0bf3230f71252	unknown
2023-07-08 10:41:12	d3aa396166cf4fc7140274d78bde2ea9b0eb3c8377dee376f300b403eacc0f76	txt	QuasarRAT
2023-07-08 10:41:12	dea9e66ac7d4d4cc192aa0531f7db465e5515fd2eced757cedb7b49dede7cdcd	txt
2023-07-08 10:41:12	8258161e3174011d59ba5f8282a0663382808c28d950857d2c7812a951d9fc57	txt	AsyncRAT
2023-07-08 10:41:12	9e4d78a77e7c42b5fe49dc1ed7c9f63e55eb1c770c6b16ef4e809740b2975a38	txt	AsyncRAT
2023-07-08 10:41:12	9cd155a2837a0fdecac6c216073d3bfb453af6ec4d7cf0ff1cab29acf225ee61	txt	njrat
2023-07-08 10:41:12	bc4c6e2474a909a87e28069445395b09b2a3e3c39f11a81bcffb7cc2632837ac	txt	njrat
2023-07-08 10:41:12	539690a71dd05fed9d139014f8414b0686013b28c30a52d5851e1d3e86e4cf28	txt	njrat
2023-07-08 10:41:12	9cb948d6e1acedc51461083dc37d0ba8f74e73387689a98b69c889b87417ecb6	txt	njrat
2023-07-08 10:41:12	9a849b3d91f1ed4292fd3e2a87d6dc0cdb057fae3d930993bab478523185182e	txt	njrat
2023-07-08 10:41:12	d27224eb9e5c34abfb22ba1941f3c4c4fbcfb5702899f8cf4fe280f4aa881d44	unknown
2023-07-08 10:41:11	da939debbc7d60ce6ccd27767d7c4256615e00912aa22a46ad2805bebe3427b1	txt	Gozi
2023-07-08 10:41:11	07a4efc6a7b6d211c4d268c283974a9913a1ff9bdffe15a68d6542c586e728e5	unknown
2023-07-08 10:41:11	e33b9f53889aab6e8f4fa9d379f3d1d6deac712593106be0102e764252031609	unknown
2023-07-08 10:41:11	235a4869a9e7f44b283da1bac05aed36337ffb44e6cb362f2e2ad58a1431e37e	unknown
2023-07-08 10:41:11	083c50e6b9875fe5df15be50193a5c55331e613498f419388475fdd5f726d611	txt	njrat
2023-07-08 10:41:11	dc5c428eb8a77c488cd8617ee11af404a9cec464a82b3741de48bec8d7b046d4	txt	njrat
2023-07-08 10:41:11	d3431fb4f3d309dad981f5c725c15cbca5ce4d00801b7d92d0bb6c420c9a3df7	txt	ArrowRAT
2023-07-08 10:41:11	5d598e3afe8736c96f6d2cc0a6509b12e9fc15d45afc070e7e9d5bd68946335e	txt	Gozi
2023-07-08 10:41:11	fb19dd60cf30e2c61634df2042c588f84882097e142d9e7b4ab1faebb974338a	txt
2023-07-08 10:41:11	62590723dffc946a4facb19c7da058a68ffd373041eff35a842f621c1835a1d6	txt
2023-07-08 09:44:08	fb19dd60cf30e2c61634df2042c588f84882097e142d9e7b4ab1faebb974338a	txt
2023-07-08 09:44:06	7e4eefbc013cf9c3d650eb309727a995fab17e7661308217aa8eab12d6fa7bba	txt	njrat
2023-07-08 09:44:06	d27224eb9e5c34abfb22ba1941f3c4c4fbcfb5702899f8cf4fe280f4aa881d44	unknown
2022-12-21 17:44:03	8987f0b4fe2f98f7259dff4b9771dabeba91719c7d6fce23f8b857f03654fa1f	unknown
2022-12-21 17:44:03	9c94f952040977778e549aae5543c35db95f4751d609e07b8d4f63454e00e8ea	unknown
2022-12-21 17:44:03	8987f0b4fe2f98f7259dff4b9771dabeba91719c7d6fce23f8b857f03654fa1f	unknown
2022-12-21 17:44:03	b763f10da58edab82a8ee9b8ffe65574fe29813b49aad265d213dc7466780a26	txt
2022-12-21 17:44:03	ab7d6bdb566bd34ee6cc24d25da4d634b65576c5dc944bbc31e44f281630fce6	txt
2022-12-21 17:44:03	1bca26359d4341e3bad1bbaa78c77deb94863b9517c480e15bd8a2c4f9aa67e4	txt
2022-12-20 07:45:06	235a4869a9e7f44b283da1bac05aed36337ffb44e6cb362f2e2ad58a1431e37e	unknown
2022-12-20 07:45:06	dea9e66ac7d4d4cc192aa0531f7db465e5515fd2eced757cedb7b49dede7cdcd	txt