URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | 91.92.242.249 |
|---|---|
| Firstseen: | 2026-01-21 17:38:04 UTC |
| Total malware sites : | 8 |
| Online malware sites : | 0 (0%) |
| Offline Malware sites : | 8 (100%) |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2026-01-21 17:38:06 | 91.92.242.249 | SBL686267 | AS202412 OMEGATECH-AS |  NL | yes |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2026-01-22 16:33:05 | http://91.92.242.249:5000/mub/kj.bin | Offline | opendir ua-wget |  BlinkzSec |
| 2026-01-22 16:33:04 | http://91.92.242.249:5000/mub/mubi.py | Offline | opendir ua-wget | BlinkzSec |
| 2026-01-21 17:39:05 | http://91.92.242.249:5000/BF/bill.bat | Offline | opendir WsgiDAV |  DaveLikesMalwre |
| 2026-01-21 17:38:06 | http://91.92.242.249:5000/bill.wsf | Offline | opendir WsgiDAV | DaveLikesMalwre |
| 2026-01-21 17:38:06 | http://91.92.242.249:5000/mub/19.bin | Offline | opendir WsgiDAV | DaveLikesMalwre |
| 2026-01-21 17:38:06 | http://91.92.242.249:5000/mub/payload.bin | Offline | opendir WsgiDAV | DaveLikesMalwre |
| 2026-01-21 17:38:06 | http://91.92.242.249:5000/DE/datev-rechnung.lnk | Offline | opendir Quakbot  WsgiDAV | DaveLikesMalwre |
| 2026-01-21 17:38:06 | http://91.92.242.249:5000/mub/k.bin | Offline | opendir WsgiDAV | DaveLikesMalwre |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2026-01-22 16:33:05 | 004ffcce391cee37c51bbf888110a9f7cac00702fc2ff8ee6c71d307793e3109 | unknown | ||
| 2026-01-22 07:31:18 | c43c6d42811c628fafc90eed02fa105bc4136ada48c5c289b0b2fe21eba17c5e | lnk | Quakbot | |
| 2026-01-22 07:30:00 | 1088106c2ccbab1cec2e772cf7c26a506d757d74d7546acbd6781e16470fb038 | bat | ||
| 2026-01-22 02:34:50 | 9ad0ec38aea134f690efd3718b9d01bdbaa906e31b26d4d448de66a59402e611 | txt | ||
| 2026-01-21 17:39:05 | 89983aa93244b26a5ff6c27b6253e09960dba0a86de53dd1a976be0e100a9367 | bat | ||
| 2026-01-21 17:38:06 | b595ce3a180fa506017a504d5612ac22404948c9a85308d03cf4159bdb4ac5ad | txt | ||
| 2026-01-21 17:38:06 | 5f3854b3c423be54bc3ccd832c87a65319d596baddc6d611c171bc4fdf0f7257 | unknown | ||
| 2026-01-21 17:38:06 | 0976ac20cac105790bd927cbd76a25b87050d9259641e650a46d2026cb1f43b2 | unknown | ||
| 2026-01-21 17:38:06 | 927409f6d5f85ddd796a2deeccf45695a571449ec988eec18069751729713163 | lnk | Quakbot | |
| 2026-01-21 17:38:06 | 7efe030082f43e7140fd5a8dc1fc0b6571c6753df3d1c5cc96f5a1329b825837 | unknown |