URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (when the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
IP addresses
The table below shows all IP addresses observed for this particular host (if the host is a domain name, all A records are listed, including all historical ones). Please note that the output is limited to 10 entries.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2021-12-15 17:31:09 | 31.31.196.218 | server240.hosting.reg.ru | Not listed | AS197695 AS-REGRU | RU | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2021-12-15 17:32:11 | http://oniondq7shlx1001.cyou/cpwsfmvg.exe | Offline | 32 exe | |
| 2021-12-15 17:31:09 | http://oniondq7shlx1001.cyou/miexciuz.exe | Offline | CoinMiner exe | |
The table below shows recent payloads delivered by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2021-12-17 12:32:02 | 2e8a145ffb3a383cea9921fe6b9d51a1b552ddd1686ed04adc463306eacf105c | exe | ||
| 2021-12-17 04:42:26 | 34ff0fbef3847b8e1312aaa4d29f1d91fbf172a23071243636b844929476d140 | exe | ||
| 2021-12-17 04:27:16 | df0bd3c0ed94d6f87b32574f5d6cfbbeade15a2aa59a4d60f9bf2ed70008a470 | exe | ||
| 2021-12-16 19:22:09 | 31d6605b949dcdc84f3e423ca7a1c6f465a26f2bced375c3b697bc116b9eb3f1 | exe | ||
| 2021-12-15 17:32:09 | 925b7b38868675725656b93e6d7349048a3702fc13b8fd62b305155e332b8980 | exe | ||
| 2021-12-15 17:31:09 | d29acdeb134477223baaf3b97aef34f5ff2b5832567718025bdac30421ac7ad7 | exe | | CoinMiner |
