URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: greyhuksy.work
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Blocked
Cloudflare :Not blocked
ProtonDNS :Status unknown
OpenBLD :Blocked
DNS4EU :Blocked
Control D HaGeZi :Not blocked
Firstseen:2019-02-27 08:58:01 UTC
Total malware sites :1
A record(s) observed :2

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2019-06-05 15:00:58 47.91.170.222Not listedAS45102 ALIBABA-CN-NET- HKno
2019-02-27 08:58:05 192.161.176.162unassigned.quadranet.comNot listedAS203020 HostRoyale- INno

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2019-02-27 08:58:05http://greyhuksy.work/wp-content/themes/zerif-l...Offlineexe Ransomware Troldesh ext abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2019-05-09 19:01:28dcc8f1ce5e70327aefff973fc621045693dc2ccd0943a3e0af34110823a8bceaexe  
2019-04-08 09:06:3421c6c96fc01751a0bfe45cc661f08fe5829ddaf9f82d00d07e1c795dfee8ed3aexe  
2019-04-08 06:10:0488378972da810dfb4256711965e66bd4dbdb4484f69812ac6f217944fec78f49exe  
2019-04-06 06:36:284fd887e4601960642aff9de6af010712b1533c09725a98ca366ce892b7fa2afaexe  
2019-03-20 14:10:0939ce95c424a7c6a78e6f725dcd1a8355132988598319bf785113e9058f03210cexe  
2019-03-19 09:01:24c256c20e3f1e66b5b263837ef0de16ba1717149cd7c900b48aa94979cfbb9b39exe  
2019-03-13 11:06:26ad449acc9c68dc8a86c5a9d18c44eea2712b3178a98f10229b2b84b86c276571exe