URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | 13.61.196.219 |
|---|---|
| Firstseen: | 2025-06-13 01:32:03 UTC |
| Total malware sites : | 9 |
| Online malware sites : | 0 (0%) |
| Offline Malware sites : | 9 (100%) |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2025-06-13 01:32:05 | 13.61.196.219 | ec2-13-61-196-219.eu-north-1.compute.amazonaws.com | Not listed | AS16509 AMAZON-02 |  SE | yes |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2025-06-13 10:42:04 | http://13.61.196.219:8080/upload.php | Offline |  abuse_ch | |
| 2025-06-13 01:33:04 | http://13.61.196.219:8080/exedownload.vbs | Offline | opendir |  Riordz |
| 2025-06-13 01:32:14 | http://13.61.196.219:8080/binder.exe | Offline | opendir | Riordz |
| 2025-06-13 01:32:05 | http://13.61.196.219:8080/get_file.ps1 | Offline | opendir | Riordz |
| 2025-06-13 01:32:05 | http://13.61.196.219:8080/power.ps1 | Offline | opendir | Riordz |
| 2025-06-13 01:32:05 | http://13.61.196.219:8080/power.vbs | Offline | opendir | Riordz |
| 2025-06-13 01:32:05 | http://13.61.196.219:8080/screenshot.ps1 | Offline | opendir | Riordz |
| 2025-06-13 01:32:05 | http://13.61.196.219:8080/browsers_pass_get.ps1 | Offline | opendir | Riordz |
| 2025-06-13 01:32:05 | http://13.61.196.219:8080/run_screenshot.vbs | Offline | opendir | Riordz |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2025-06-13 01:33:04 | 80ca628cea4cc5e3a5041f2986d3b6e8b97981c9395f289958c2ec87d7c94c90 | txt | ||
| 2025-06-13 01:32:14 | c5c2c6ac814243c4999e45936131d4aff0a48266a3840379e7c9f2450ec2cf9a | exe | ||
| 2025-06-13 01:32:05 | 006d1e0d53f42fdab59bd7ed6e7a3eb1d43edefa0959c292db7197003acd9288 | txt | ||
| 2025-06-13 01:32:05 | 85bb7a9a18e8f3c1cc4cb5acb4f1af6cdae3479ca26834260f7e1ca25e63a4a8 | txt | ||
| 2025-06-13 01:32:05 | e4014b3e1baa91c24aa64c5f9053b2dca826fcb2ee0d47f3439b1ace6d547241 | txt | ||
| 2025-06-13 01:32:05 | 50181744900bfea4f6bca3d3396d24af838478179e958c2e73468ee33bfbd2c3 | txt | ||
| 2025-06-13 01:32:05 | 15930b298ced7cdffe25bc83486519f6da9b136597e7da1dc3d7c2996db51dc6 | txt | ||
| 2025-06-13 01:32:04 | 7ba8af068ea4293b3eeb7078c450d5e3a1d0cedaa1c2e2687275229de41ffedb | txt |