URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	91.243.44.142
Firstseen:	2022-03-15 23:53:03 UTC
Total malware sites :	5
Online malware sites :	0 (0%)
Offline Malware sites :	5 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2022-03-15 23:53:04	91.243.44.142		Not listed	AS34665 PINDC-AS	RU	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-04-08 09:15:07	http://91.243.44.142/Nipdk_Qixhboqu.bmp	Offline	exe	vxvault
2022-03-18 19:58:04	http://91.243.44.142/aaa1-Fokyrre_Dvavilvj.png	Offline	exe	vxvault
2022-03-16 00:49:04	http://91.243.44.142/arx-Xlopf.exe	Offline	32 exe	zbetcheckin
2022-03-16 00:49:04	http://91.243.44.142/pl-Ukxamliyg.exe	Offline	32 exe RemcosRAT	zbetcheckin
2022-03-15 23:53:04	http://91.243.44.142/arx777-Ofdds.exe	Offline	exe	vxvault

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2022-04-08 09:15:07	61c6b2f9482db5ecb3b879227f9f1524486796f2e77d1e6c7de298bc250b2635	unknown
2022-03-18 19:58:04	4e6736676c314c486dc2d61efdec995a8a0990127ffcd74578379c2622f52b5c	unknown
2022-03-16 00:49:04	6d656133f5bac8282f31cc82ca0e3869692164a6907037aabc134736adc87b35	exe
2022-03-16 00:49:04	e962f44882a6fc4f5289556b7b0169b24838ea2285cf961b82447ff71ff2dc0d	exe	RemcosRAT
2022-03-15 23:53:04	937e8cf5c406f171696985b30f88d3e91f1d6c69e7489e2e4ea2609c641f7bd9	exe