URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	91.92.240.85
Firstseen:	2023-11-01 16:28:04 UTC
Total malware sites :	16
Online malware sites :	0 (0%)
Offline Malware sites :	16 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2023-11-01 16:28:05	91.92.240.85		SBL686267	AS214943 RAILNET	DE	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2024-05-23 07:52:08	http://91.92.240.85/x86_64	Offline	elf gafgyt	abus3reports
2024-05-23 07:52:08	http://91.92.240.85/mipsel	Offline	elf gafgyt	abus3reports
2024-05-23 07:52:08	http://91.92.240.85/sh4	Offline	elf gafgyt	abus3reports
2024-05-23 07:52:08	http://91.92.240.85/sparc	Offline	elf gafgyt	abus3reports
2024-05-23 07:52:08	http://91.92.240.85/mips	Offline	elf gafgyt	abus3reports
2024-05-23 07:52:08	http://91.92.240.85/armv4l	Offline	elf gafgyt	abus3reports
2024-05-23 07:52:08	http://91.92.240.85/powerpc	Offline	elf gafgyt	abus3reports
2024-05-23 07:52:07	http://91.92.240.85/m68k	Offline	elf gafgyt	abus3reports
2024-05-23 07:52:07	http://91.92.240.85/armv5l	Offline	elf gafgyt	abus3reports
2024-05-23 07:52:06	http://91.92.240.85/bins.sh	Offline	elf shellscript	abus3reports
2024-05-23 07:52:06	http://91.92.240.85/i686	Offline	elf gafgyt	abus3reports
2024-05-23 07:52:06	http://91.92.240.85/armv6l	Offline	elf gafgyt	abus3reports
2024-05-23 07:52:05	http://91.92.240.85/i586	Offline	elf gafgyt	abus3reports
2023-11-01 16:31:08	http://91.92.240.85/2010/GBH.txt	Offline	ascii Encoded opendir	abuse_ch
2023-11-01 16:29:05	http://91.92.240.85/2010/HtmlIEBrowserhistory.vbs	Offline	AgentTesla opendir vbs	abuse_ch
2023-11-01 16:28:05	http://91.92.240.85/2010/html/HTMLIEBrowserhist...	Offline	AgentTesla doc opendir	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2024-05-23 07:52:08	1676e47228a2773c1081e8a1526215647b2cc7b71eaba96c20fa2ed1d2d181da	elf	Gafgyt
2024-05-23 07:52:08	259a381e9347e1e6c5b021da5218886916fca87f89cd7edca0adbd1af2453e75	elf	Gafgyt
2024-05-23 07:52:08	7618288ffcaa7b68176024d004967d0017b954dd816435ecbff6339a8703781a	elf	Gafgyt
2024-05-23 07:52:08	3e7b120b4b5ec4cee241e8a2e662d04e469c4fd302fe6b8e826e0a1d90e13fc7	elf	Gafgyt
2024-05-23 07:52:08	6d7aa94d945d1bf24c04090083f068bee4bac239cf973af9dee88e03cc8c6e2b	elf	Gafgyt
2024-05-23 07:52:08	d918692808ddbb79c87cb558674b95dca6b95de5b7bb1506fb2c6ba7c09d23e1	elf	Gafgyt
2024-05-23 07:52:08	e23a23c96e3d35bebfe00dea0cb9491ff4d39ff1e137655abd18fd19118ab5a1	elf	Gafgyt
2024-05-23 07:52:07	3562c112569ce1760704e57618a2b5dd793d118b6815cc3e6b42783ee8d7f0fa	elf	Gafgyt
2024-05-23 07:52:07	4f7321fbd496cffdc0a6c12e65197ab52f9ba7f2e8d9ead6c0b3e1ae245ec9c0	elf	Gafgyt
2024-05-23 07:52:06	f8a635fdb53331b17f6859469ce5dcb8757d73c80e04956ceba58ce7c037221d	elf	Gafgyt
2024-05-23 07:52:06	f33e37a0a7e246beabd4e18f395c55fbe4e1a01dcdf7c4c1f26d2bd902d735ff	elf	Gafgyt
2024-05-23 07:52:05	c42028a99920f03cb36155ec2525276e6adfa023bbcfc4f0a110221d6d028453	elf	Gafgyt
2024-05-23 07:52:05	502332d64339a32fe516b827ba49c2e2017036f7bedad781d491c1d1d58ab6b6	sh
2023-11-01 16:31:08	d54efbad1419c6266a9fbc3369c3cc2928bf959ad3a4e2c54278e57ec09d180f	txt
2023-11-01 16:29:05	74a6014f928b4f2b478b9e7120fab5f0c34da995b14aa96b579921d43ef0dad6	unknown
2023-11-01 16:28:05	96fad98741b1f2f81760710a36fca8ad8ff30e041e271705b7fde7d82f2a4036	unknown