URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | www.evograph.ro |
|---|---|
| Spamhaus DBL : | Not blocked |
| SURBL : | Not blocked |
| Quad9 : | Not blocked |
| AdGuard : | Not blocked |
| Cloudflare : | Blocked |
| ProtonDNS : | Not blocked |
| OpenBLD : | Not blocked |
| DNS4EU : | Blocked |
| Control D HaGeZi : | Not blocked |
| Firstseen: | 2020-11-24 21:19:03 UTC |
| Total malware sites : | 5 |
| Online malware sites : | 0 (0%) |
| Offline Malware sites : | 5 (100%) |
| A record(s) observed : | 3 |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2025-04-27 15:39:11 | 185.30.124.158 | Not listed | AS20853 ETOP-AS |  PL | yes | |
| 2025-04-27 15:39:11 | 185.73.228.142 | Not listed | AS20853 ETOP-AS | PL | yes | |
| 2020-11-24 21:19:05 | 89.40.17.17 | cloudshared.nsh.ro | Not listed | AS5606 GTS-BACKBONE |  RO | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2020-11-28 13:53:03 | http://www.evograph.ro/js/fw2.exe | Offline | exe |  abuse_ch |
| 2020-11-28 13:53:03 | http://www.evograph.ro/js/fw3.exe | Offline | exe | abuse_ch |
| 2020-11-28 13:53:03 | http://www.evograph.ro/js/fw4.exe | Offline | exe | abuse_ch |
| 2020-11-24 21:19:06 | http://www.evograph.ro/js/sooft.exe | Offline | exe schoolboy |  zbetcheckin |
| 2020-11-24 21:19:05 | http://www.evograph.ro/js/fw1.exe | Offline | ArkeiStealer  exe RaccoonStealer | zbetcheckin |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2020-12-02 09:52:24 | 9a91c5db492dc2a2acad21ec201c9598d49e76dfec9ca89fef1624cb34c95bdc | exe | RaccoonStealer | |
| 2020-11-29 16:57:37 | 025e6f24f86484bb2ffd57d222a4e0e18c43b43cd0209100fb780d67c3be893f | exe | ArkeiStealer | |
| 2020-11-28 02:14:54 | 48dd07930ff57b6eed433487810ca1adb757cb49166ea5037440364290a69874 | exe | ArkeiStealer | |
| 2020-11-27 19:27:46 | 92426fe39cddb0d10510d1a6d2d90600b651b55cdf7f441782b9b3ad7817f935 | exe | ArkeiStealer | |
| 2020-11-27 10:36:33 | 4626980a591b50826c7ed3ba55812df592c8abd7e40131438d4faa0319aac7fb | exe | ArkeiStealer | |
| 2020-11-26 16:39:18 | c6054f12d81d13377e8236ed3c9f891c0a456529d6bb91a541afbe9f4e1c2738 | exe | ArkeiStealer | |
| 2020-11-25 18:39:33 | 754d057252e7b4584a67240267b76200b74c6945d23f9f2301a8b1ba4215fac6 | exe | ArkeiStealer | |
| 2020-11-24 21:19:06 | 02966f179539c6d840d54fee924b0ee69c03e34eaee10f3c2a30e2524103ad5e | exe | SchoolBoy | |
| 2020-11-24 21:19:05 | 44ff6d294f2a5bd347385b204d5d6e219ce5e785cf567fb48820b0c4aefac4e1 | exe | ArkeiStealer |