URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	b.9-9-8.com
Domain registrar:	Tucows
Domain registration date:	2023-11-13 09:55:42 UTC
Spamhaus DBL :	Malware domain
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Blocked
Cloudflare :	Blocked
ProtonDNS :	Status unknown
OpenBLD :	Blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2024-03-08 05:29:05 UTC
Total malware sites :	12
Online malware sites :	0 (0%)
Offline Malware sites :	12 (100%)
A record(s) observed :	11

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2026-01-05 15:00:30	49.13.54.184	0dave.ch	Not listed	AS24940 HETZNER-AS	DE	no
2024-11-17 11:45:40	52.223.13.41	a74e89cf4458da039.awsglobalaccelerator.com	Not listed	AS16509 AMAZON-02	US	no
2024-08-16 07:00:15	158.160.116.91		Not listed	AS200350 YandexCloud	RU	no
2024-08-12 10:24:15	62.113.111.152		Not listed	AS198610 BEGET-AS	RU	no
2024-06-21 10:25:27	170.106.179.197		Not listed	AS132203 TENCENT-NET-AP-CN	US	no
2024-06-21 10:10:50	147.45.187.212		Not listed	AS210976 TWC-EU	RU	no
2024-06-21 06:40:30	51.83.99.49	vps-e2e7b62e.vps.ovh.net	Not listed	AS16276 OVH	FR	no
2024-05-30 08:19:10	206.189.204.54		Not listed	AS14061 DIGITALOCEAN-ASN	US	no
2024-03-12 08:18:43	51.250.69.53		Not listed	AS200350 YandexCloud	RU	no
2024-03-08 05:29:07	107.189.31.172		Not listed	AS53667 PONYNET	LU	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2024-05-30 08:36:09	http://b.9-9-8.com/brysj/d//s.sh	Offline		abus3reports
2024-05-30 08:20:11	http://b.9-9-8.com/brysj/d//ar.sh	Offline	CoinMiner shellscript trojan	abus3reports
2024-05-30 08:19:11	http://b.9-9-8.com/brysj/m/chkstart	Offline	elf	abus3reports
2024-05-30 08:19:10	http://b.9-9-8.com/brysj/b.sh	Offline	code-injection shellscript	abus3reports
2024-03-09 09:31:38	http://b.9-9-8.com/brysj/d/ar.sh	Offline	exploit miner	coremeww
2024-03-09 09:31:38	http://b.9-9-8.com/t.sh	Offline	exploit miner	coremeww
2024-03-09 09:31:38	http://b.9-9-8.com/brysj/cronb.sh	Offline	exploit miner	coremeww
2024-03-09 09:31:38	http://b.9-9-8.com/brysj/m/enbash.tar	Offline	exploit miner	coremeww
2024-03-09 09:31:38	http://b.9-9-8.com/brysj/m/enbio.tar	Offline	exploit miner	coremeww
2024-03-09 09:31:38	http://b.9-9-8.com/brysj/w.sh	Offline	exploit miner	coremeww
2024-03-08 11:47:09	http://b.9-9-8.com/brysj/d/h.sh	Offline	64 elf	zbetcheckin
2024-03-08 05:29:07	http://b.9-9-8.com/brysj/d/s.sh	Offline	shellscript	zbetcheckin

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2024-06-08 07:04:29	0ada3a819a2cdffe006e9272a7d7921a8bc90b3ca4bdd667186510a65f75b658	sh
2024-06-05 22:17:00	7d80ee611ff66f0381632e62cfc190dc771c84ac1f7f4c13afb7ca18255da9ff	elf
2024-06-05 22:15:22	441041a36e38c8781218ed8d0a578239e3a4f650a43d7ec93dd26b9554fb2001	sh
2024-05-30 08:36:09	32dfb086e6719c20666f151d17a3fbfcbccf559d0a8f1b2b888175f1a4d8f8a8	sh
2024-05-30 08:20:10	12481d3fbcee0ed5aa8a9c8bc1aeb71bf9439cbddf68e8cd275c2a90b26ec0ad	sh
2024-05-30 08:19:11	4e76cde3485cf8da69e196736d768b05a3931b844bce2debe6d211e1e1adba9e	elf
2024-05-30 08:19:07	852a577b227aa856399ae836d9db15eee38a4f62301a8590f80a009ec29dad8a	sh
2024-03-13 08:15:01	b21209e41580266536de820bf25a445edd4be1917bf1bbcff6ac724697a04484	unknown
2024-03-12 11:14:00	d4508f8e722f2f3ddd49023e7689d8c65389f65c871ef12e3a6635bbaeb7eb6e	sh
2024-03-12 10:29:35	d4508f8e722f2f3ddd49023e7689d8c65389f65c871ef12e3a6635bbaeb7eb6e	sh
2024-03-12 10:04:32	bb89a6bbddc5dda36542a5fef230b8fa9d98fbdb0ec4fa1794b8c28a0b5a3af4	unknown
2024-03-12 09:27:02	64d8f887e33781bb814eaefa98dd64368da9a8d38bd9da4a76f04a23b6eb9de5	unknown
2024-03-12 09:08:41	9eafaf5e0fb9a91f2887f3e81fd7ad6d70973ff7cbb807dab4bf0f319a668b95	unknown
2024-03-12 09:07:15	d4508f8e722f2f3ddd49023e7689d8c65389f65c871ef12e3a6635bbaeb7eb6e	sh
2024-03-08 11:47:09	d45aca9ee44e1e510e951033f7ac72c137fc90129a7d5cd383296b6bd1e3ddb5	elf
2024-03-08 05:29:06	251501255693122e818cadc28ced1ddb0e6bf4a720fd36dbb39bc7dedface8e5	sh