URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2022-02-16 11:43:55 | 5.34.180.26 | vps.hostry.com | Not listed | AS21100 ITLDC-EU |  NL | no |
| 2022-01-31 07:42:14 | 5.34.178.178 | Not listed | AS204957 GREENFLOID-AS |  US | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2022-01-31 07:42:14 | https://kiff.ltd/links/uploads/IwtblEU2.exe | Offline | 32 exe RedLineStealer  |  zbetcheckin |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2022-02-02 22:47:17 | 7f72ecd51295dc108957c937e34ac63b9043c30afb2eb0323a776f1423d0eb94 | exe | ||
| 2022-02-02 16:38:29 | abd054e7a6a48ac8a33ffa9fab4814d0c68149f5a5eea1b0a68e84d2057811d6 | exe | RedLineStealer | |
| 2022-02-01 17:24:56 | faec9f2bb4da32ed322a8d98e634997ba23d2b28aa64a2efe7d49d6bb2f15467 | exe | RedLineStealer | |
| 2022-01-31 17:25:01 | b4f2b45e48cf433196a2911b98290d06c64ec17b6f69d88e26adc29628494ffb | exe | RedLineStealer | |
| 2022-01-31 12:26:07 | e708823ea6f27372ae9ff3d1b1c12f02ccb29bdbb02112906c560d0806b2746c | exe | RedLineStealer | |
| 2022-01-31 07:42:13 | a9512d7f86393138f7c628ea275242542d3aeab0616979bff5de178841d22024 | exe | RedLineStealer |