URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | jonnyomar.xyz |
|---|---|
| Spamhaus DBL : | Not blocked |
| SURBL : | Not blocked |
| Quad9 : | Status unknown |
| AdGuard : | Not blocked |
| Cloudflare : | Blocked |
| ProtonDNS : | Status unknown |
| OpenBLD : | Not blocked |
| DNS4EU : | Blocked |
| Control D HaGeZi : | Not blocked |
| Firstseen: | 2022-12-01 08:59:03 UTC |
| Total malware sites : | 3 |
| Online malware sites : | 0 (0%) |
| Offline Malware sites : | 3 (100%) |
| A record(s) observed : | 5 |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2025-06-01 02:11:32 | 47.76.127.217 | Not listed | AS45102 ALIBABA-CN-NET |  HK | no | |
| 2025-06-01 02:11:32 | 47.91.170.222 | Not listed | AS45102 ALIBABA-CN-NET | HK | no | |
| 2025-06-01 02:11:32 | 8.218.208.240 | Not listed | AS45102 ALIBABA-CN-NET | HK | no | |
| 2022-12-01 20:47:27 | 5.206.224.61 | lukslab.com | Not listed | AS47674 NETSOLUTIONS |  PT | no |
| 2022-12-01 08:59:12 | 45.8.144.98 | milton.example.com | Not listed | AS209847 THE |  RU | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2022-12-02 01:09:09 | http://jonnyomar.xyz/umciavi32.exe | Offline | 32 exe RedLineStealer  |  zbetcheckin |
| 2022-12-01 09:28:06 | http://jonnyomar.xyz/nppshell32.exe | Offline | AsyncRAT exe | vxvault |
| 2022-12-01 08:59:12 | http://jonnyomar.xyz/nppshell.exe | Offline | ArkeiStealer exe | vxvault |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2022-12-02 23:06:37 | 39d530e953b30b40479a296bcb88d1f30697cdb4a42acb079c25f8dd4439bc04 | exe | ||
| 2022-12-02 01:09:09 | e100d262ff4cd2a62a8d08244336c4d68044d00c57117833280ae2e3d8f22341 | exe | RedLineStealer | |
| 2022-12-02 01:03:26 | 32965cb1693c1e80c5033487e93a459b199e480e4615351e21debf178ae4270f | exe | ||
| 2022-12-01 20:24:04 | 35d85686c6b5c412ec5e6d6a8c3ef44ae2eda80162d4578073624ee45d4d343b | exe | ||
| 2022-12-01 11:44:29 | 1cd90a306cb04ddc66545e47d7ca55d2bbc1dc0877d79f0cdfabadedc43f87e7 | exe | AsyncRAT | |
| 2022-12-01 11:20:50 | 9e2f22ffea4f927b175a104388169e599fb1adf52a01464d21067305780a0277 | exe | ArkeiStealer | |
| 2022-12-01 10:29:03 | f99cf4e79efb37bea41405c5701f8ce7f86dea17a05b0c89f8f775c28458b214 | exe | AsyncRAT | |
| 2022-12-01 09:28:06 | 85e20ebe81728a940a779fa5930cd4191b02492db6a6e83b4e7f305238958c47 | exe | ||
| 2022-12-01 08:59:06 | 5e609fdb0a898c8fc4510e8f4508618fafb345d71528586b5c0f8eb6df547abe | exe | ArkeiStealer |