URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	91.92.242.251
Firstseen:	2023-12-05 16:30:08 UTC
Total malware sites :	7
Online malware sites :	0 (0%)
Offline Malware sites :	7 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2023-12-05 16:30:12	91.92.242.251		SBL686267	AS214943 RAILNET	NL	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2023-12-06 16:31:35	http://91.92.242.251/Ehthcrwayn.exe	Offline		abuse_ch
2023-12-06 16:31:35	http://91.92.242.251/Anzjgnbmuz.exe	Offline		abuse_ch
2023-12-06 16:31:35	http://91.92.242.251/Kldxhd.exe	Offline		abuse_ch
2023-12-06 16:31:35	http://91.92.242.251/base98.exe	Offline		abuse_ch
2023-12-05 18:00:37	http://91.92.242.251/Vonupajtmf.exe	Offline	64 exe zgRAT	zbetcheckin
2023-12-05 18:00:18	http://91.92.242.251/Ygmpogts.exe	Offline	64 exe	zbetcheckin
2023-12-05 16:30:12	http://91.92.242.251/Omnknufm.exe	Offline	64 exe zgRAT	zbetcheckin

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2023-12-05 18:02:22	d30a0536849fe6a5e1fc223f1cbd784cc83b8889ecb2e46b879cf56fb0dff03b	exe	zgRAT
2023-12-05 18:00:18	2ba97ed5f4d0a8ea8b7922ed7ba5460d63e03e27e91a32ef46438fd0e73576d1	exe
2023-12-05 16:30:11	acd49294aa9aaf8f0a8b057438a3783038822868c8eb98a4289bb7f4ec54268e	exe	zgRAT