URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | 104.245.241.219 |
|---|---|
| Firstseen: | 2025-03-25 16:48:03 UTC |
| Total malware sites : | 1 |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2025-03-25 16:48:05 | 104.245.241.219 | Not listed | AS9009 M247 |  US | yes |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2025-03-25 16:48:05 | http://104.245.241.219/txt/sCIPrhZt5Yub9qL.exe | Offline | exe Loki  |  abuse_ch |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2025-03-27 03:52:24 | 353f0431abc35f4de737193828be509e69003e0ba6e917e60aa5ce6c025d98a0 | exe | Loki | |
| 2025-03-26 16:41:56 | 803314d516cb803d9c61b7f0df4b49cb3ed68e29ef80b2a2761f4258425a9475 | exe | Loki | |
| 2025-03-26 03:42:21 | b2b9b4ee2a4edc1926c1bfdfa07061968a2e8f3685f5cae15bfbe4723f9156c9 | exe | Loki | |
| 2025-03-25 16:48:05 | 1ecc198e5201c2c75116d69ff26703342f7b6c854edfbb9c0af6b3271f05a42e | exe | Loki |