URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | 91.92.252.220 |
|---|---|
| Firstseen: | 2024-04-24 09:05:07 UTC |
| Total malware sites : | 8 |
| Online malware sites : | 0 (0%) |
| Offline Malware sites : | 8 (100%) |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2024-04-24 09:06:06 | http://91.92.252.220/X1.exe | Offline | AsyncRAT  exe |  abus3reports |
| 2024-04-24 09:06:06 | http://91.92.252.220/X2.exe | Offline | exe Formbook | abus3reports |
| 2024-04-24 09:06:06 | http://91.92.252.220/build.exe | Offline | exe RedLineStealer | abus3reports |
| 2024-04-24 09:06:06 | http://91.92.252.220/Output.exe | Offline | exe Formbook | abus3reports |
| 2024-04-24 09:06:06 | http://91.92.252.220/ScreenConnect.Client.exe | Offline | connectwise exe | abus3reports |
| 2024-04-24 09:06:06 | http://91.92.252.220/explorer.exe | Offline | exe RedLineStealer | abus3reports |
| 2024-04-24 09:05:13 | http://91.92.252.220/123.jpg | Offline | xworm | abus3reports |
| 2024-04-24 09:05:12 | http://91.92.252.220/123.txt | Offline | AsyncRAT | abus3reports |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2024-04-24 09:06:06 | b019a47dc528a7197129adec69ea6813c28e60884c267cd297524296861a9ed6 | exe | Formbook | |
| 2024-04-24 09:06:06 | ece58cdda5d85a7fe7d7262313b8041e3c988d814b7dd60f0468dbb7109596ba | exe | RedLineStealer | |
| 2024-04-24 09:06:06 | 500b51771f03e61f1c46fc29c2a786201c123ae5f0369bd1664992bd7c434a30 | exe | Formbook | |
| 2024-04-24 09:06:06 | 37fcb2df95b2ba1bc601c6140b1d415ba362ea67834bc13d1eaebbb69a1e5f68 | exe | ConnectWise | |
| 2024-04-24 09:06:06 | fd15b9b162dcbe4f16157d4b13f69a6b2ede55fcd5ddb2a19bce8eb68a363e43 | exe | RedLineStealer | |
| 2024-04-24 09:06:05 | 1f204b43acfdf5d1088f37b2159d98d5500bdaeec99cd3f0d6e8ceb77282351b | exe | AsyncRAT | |
| 2024-04-24 09:05:09 | 925dcca433ad653cb99eea5318246960851c4dfd69d67cbb978578494af79dcc | txt | XWorm |