URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	f0413249.xsph.ru
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Blocked
OpenBLD :	Blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2020-06-02 13:29:32 UTC
Total malware sites :	2
Online malware sites :	0 (0%)
Offline Malware sites :	2 (100%)
A record(s) observed :	2

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-04-28 06:32:55	141.8.197.42	techproxy.from.sh	Not listed	AS35278 SPRINTHOST	RU	yes
2020-06-02 13:29:36	141.8.193.236	eldir.from.sh	Not listed	AS35278 SPRINTHOST	RU	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2020-06-14 10:34:05	http://f0413249.xsph.ru/dwm.exe	Offline	exe	abuse_ch
2020-06-02 13:29:36	http://f0413249.xsph.ru/HWMonitor.exe	Offline	HawkEye	vxvault

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2020-06-14 10:34:05	827aff908200de2253676e6140a24865291414a1ce9700e1924a9885a0950884	exe
2020-06-14 08:07:56	2b3e989df198785d1c5f4b0ba905927f361db10dbb9cec304f0933785e2b38d6	exe
2020-06-13 13:21:19	e264113c34f7bd826c155ce23f373052bdb6deabc6ffe31afac7564dea6d01a9	exe
2020-06-12 12:15:40	99eb54ab6391cafa19a8c44fdd3b7f8044f8e81f1e00f09098efe1749b4bcf1e	exe
2020-06-11 00:41:19	836b28ebdab1a86f27760109ab87bce49755f57589c5b40265a5fe616306b6df	exe
2020-06-10 09:40:25	7921b4889e02f5894a27b511ee8e7304655736fe9588b6fe86d30ead2abd89a2	exe
2020-06-10 00:22:32	fe639ef6396629ce54e7352444f9ddf1a3aa8f5853f0368b230a73cfe7d62643	exe
2020-06-09 15:25:51	e3b6b54d958c6fa0e661cccdb750e565c685ba93e6ce2377f73a04ca689bf42a	exe
2020-06-09 05:19:12	7ab3cef019031927c5e24d796eba7d99eccce0c2e955abcadcd753a048f80bca	exe
2020-06-08 19:20:54	e9dfa43be04410948b7e56a5cecf5bd5c3ab61d1050f24e105c6733ed4a67cd0	exe
2020-06-08 10:46:56	ef65b90badce6656e48efd5da185c7059293b37ce28eda72e59de78656d35b63	exe
2020-06-07 12:19:03	9f37b94ea59912229a396e7d7b070b56992e62d0ce4932e0378269e6ee661169	exe
2020-06-07 01:23:08	4a29689067b73a148dd1e5afe71410692bb4508c4fec8e5d20ed14485cab6596	exe
2020-06-06 23:57:03	c619ddf23923361e9eb7d7448b77aaa96e9b9f87f941dd5c3adfa62c013c22ad	exe
2020-06-06 21:12:20	70ff0cb2708276e630fd8143115bf0644bb647cb97d1ebb1b65e0aaae78cec1d	exe
2020-06-06 17:22:15	f51120f2a61d6fecb4dcb35774e1dc133934ef057f77b129fc62098799e6bef5	exe
2020-06-05 23:06:51	18b5d6d0e6683b38b695586c4f988dfa9751d4a4fb964a51cc3673466472c303	exe
2020-06-05 14:32:42	4c98c9331de430cd6cbe26c4bc34297f9f98ce0536393f180661fb2a79f21ec9	exe
2020-06-04 21:06:47	bd5145ed20b0a444f4e8fd8e5884811705cc01d27c108004adedeb508dd45a42	exe
2020-06-04 11:59:22	20b9d2b67e57aa7138beacefa9538f1d03966a9660dad3e1308c735622cad4fa	exe
2020-06-03 20:41:48	9bdbb898136cc631ca52546ae79f44910ff10c19ccefe1a76d64f3a615538bf1	exe
2020-06-03 13:25:56	df0c3ab7909c86918d2df4f70fce6f57504607daf18e167411daebd11235958c	exe
2020-06-02 13:29:36	149be9ee402fe6934e8898ac578f8ded23d397761ab4fa0a976c9d978d489948	exe	HawkEye