URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2022-06-28 23:36:27 | 41.185.8.171 | srv99.hostserv.co.za | Not listed | AS36943 ZA-1-Grid |  ZA | no |
| 2021-01-26 16:50:59 | 41.185.8.73 | srv75.hostserv.co.za | Not listed | AS36943 ZA-1-Grid | ZA | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2021-01-26 16:50:59 | http://sainzim.co.za/blewthkht.rar | Offline | Dridex  payload |  Myrtus0x0 |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2024-03-16 06:28:07 | 3637deaf293cf98ccd9fdb82e8908df0e3147ed91994855c283cbbc1d19e5bbd | dll | ||
| 2024-03-16 03:04:51 | 462ee5741253df02ecfdf92fbeea5963eaa0c0a5a03c7a19085bb865c035fedc | dll | ||
| 2024-03-15 08:44:26 | b826baa8a1b16e3298105754bcf5c771cfdc01508707ece5b60ee31435c38d46 | dll | ||
| 2024-03-14 14:31:43 | e480b86db5e29bae457c06f649985b1e5e694875952bccbfd4b311cda2d2da45 | dll | ||
| 2024-03-14 03:02:50 | 01ef05450dc2d60ca65cc52724cad4332d1e8e1a1f968ea29d1032b1950664a3 | dll | ||
| 2023-02-16 08:21:17 | 7fbc4ae7c7b76a8a627823cf36a43f7eca6a12d047fc6a83e822a003ed111402 | dll | Dridex | |
| 2022-08-16 14:22:14 | 5b34b25b9ec7d3ab2781df4bd596fe2586fcf8f09971dec0edc76c5254f1b1f1 | dll | ||
| 2021-01-26 16:50:58 | cfcc473a5f83f83517a1c4917dd2c330be6252bc95fcf176e9b783fb694f6f31 | dll | Dridex |