URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2022-04-20 11:41:38 | 185.229.118.180 | srv161.niagahoster.com | Not listed | AS47583 AS-HOSTINGER |  SG | yes |
| 2021-11-03 19:04:08 | 91.148.168.144 | venera.vivawebhost.com | Not listed | AS57344 TELEHOUSE-AS |  BG | no |
| 2022-01-05 23:54:53 | 102.49.220.173 | Not listed | AS6713 IAM-AS |  MA | no | |
| 2022-01-05 18:02:30 | 196.82.250.135 | Not listed | AS6713 IAM-AS | MA | no | |
| 2022-01-06 07:37:38 | 196.86.91.20 | Not listed | AS6713 IAM-AS | MA | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2021-11-15 08:13:04 | http://www.dynatech-int.com/public_html-old/wer... | Offline | exe SnakeKeylogger  |  abuse_ch |
| 2021-11-03 19:04:08 | http://www.dynatech-int.com/log/en/amaert.exe | Offline | exe SnakeKeylogger | abuse_ch |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2021-11-15 08:13:04 | ac33fef4a1fd900879b94ed718faae717c2a7fffe6f6b1f9974037b2c3462dab | exe | SnakeKeylogger | |
| 2021-11-09 02:26:44 | 12b9ea85ac7d4623589b5842d4fe92b257e5c189c77f19f842f3987f8fcbebec | exe | ||
| 2021-11-03 19:04:08 | 983d88fd85614314aa9890ba0104ea9d5589726636140011249f7931c1e13e7e | exe | SnakeKeylogger |