URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	geiger.si
Domain registrar:	n/a
Domain registration date:	2004-10-11 00:00:00 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2022-03-02 07:52:03 UTC
Total malware sites :	9
Online malware sites :	0 (0%)
Offline Malware sites :	9 (100%)
A record(s) observed :	1

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2022-03-02 07:52:05	91.185.211.58	server11.hitrost.net	Not listed	AS41828 TELEMACH-HOSTING	SI	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-04-26 10:41:06	http://geiger.si/katalog/osa/asobubu_tdutYlr98.bin	Offline	encrypted GuLoader	abuse_ch
2022-04-26 10:41:05	http://geiger.si/katalog/osa/polemisere.vbs	Offline	ascii GuLoader vbs	abuse_ch
2022-03-31 08:41:03	http://geiger.si/slike/ecnirp/pr2.txt	Offline	ascii NetWire powershell ps	abuse_ch
2022-03-31 08:41:03	http://geiger.si/slike/ecnirp/pr2.jpg	Offline	ascii NetWire powershell ps rat	abuse_ch
2022-03-29 07:53:03	http://geiger.si/slike/ecnirp/prince.jpg	Offline	ascii NetWire powershell ps rat	abuse_ch
2022-03-24 18:54:03	http://geiger.si/slike/ann/nmbv1.jpg	Offline	ascii powershell ps	abuse_ch
2022-03-24 18:48:04	http://geiger.si/slike/ann/juhs.jpg	Offline	ascii NetWire powershell ps rat	abuse_ch
2022-03-24 18:47:04	http://geiger.si/slike/ann/juhs2.txt	Offline	ascii NetWire powershell ps rat	abuse_ch
2022-03-02 07:52:05	http://geiger.si/slike/ecnirp/paul.vbs	Offline	GuLoader opendir vbs	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type
2022-04-27 03:37:02	29125f74b1df08f96c3c018a8b4c179e5ba7419f45e508792f74813691470690	txt
2022-04-26 10:41:06	0ff3275246bad613f47d045666dc3a75438161de541043c11878572ae54e4880	unknown
2022-04-26 10:41:05	20483e2076db27d5f2e71f82e18b2c0624405c367f67d17308843a8d3f3ea720	txt
2022-03-02 07:52:04	fec5d6e36a9ffce457a5e4daab5ec8a016647a0d478d2f8e4641d60b9c9d2fb6	unknown