URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
No IP address found (domain offline?)
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2024-01-11 05:45:12 | https://deviltelegram.000webhostapp.com/A.exe | Offline | 32 exe Loda  |  zbetcheckin |
| 2024-01-11 04:53:06 | https://deviltelegram.000webhostapp.com/Santaa.exe | Offline | 64 AgentTesla exe | zbetcheckin |
| 2024-01-11 04:14:07 | https://deviltelegram.000webhostapp.com/G.exe | Offline | 32 exe predator | zbetcheckin |
| 2024-01-10 13:58:08 | https://deviltelegram.000webhostapp.com/santa.exe | Offline | DarkCloud exe |  abuse_ch |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2024-01-11 07:14:06 | 6e36d48c1c2132e2f2069bc973a20e4235c6761e237051b31b3558a4df938525 | exe | ||
| 2024-01-11 05:45:12 | 007d4a581f70c7d0a86307123df5d769c3d948dd9b7d5c4ec3b274f2b0bf3647 | exe | Loda | |
| 2024-01-11 04:53:06 | 974b705980668b3d9fd809501c581d7961db4a43304826edf136764c789a28b1 | exe | AgentTesla | |
| 2024-01-11 04:29:12 | 873546478ec547e4e82af18fa5004c67794141d9cb98e79a4ff84c86a6c6aeb8 | exe | Predator | |
| 2024-01-10 13:58:08 | f1f32b6e13d2ee1678899aab184161b51b0c06df57719a85f9be5a8823c604b6 | exe | DarkCloud |