URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry


Host: 141.98.6.22
Firstseen:2023-05-30 10:00:08 UTC
Total malware sites :8
Online malware sites :0 (0%)
Offline Malware sites :8 (100%)

IP addresses


The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2023-05-30 10:00:15 141.98.6.22Not listedAS213702 QWINS-LTD- NLyes

Malware URLs


The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2023-06-02 06:17:05http://141.98.6.22/257/hkcmd.exeOfflineexe Loki ext opendir abuse_ch
2023-06-01 03:02:05http://141.98.6.22/ii/iiiiiiiiiiiiiiiiiiiiii%23...OfflineRTF zbetcheckin
2023-05-31 08:16:05http://141.98.6.22/27/Qdnqbcbfde.pngOffline abuse_ch
2023-05-31 05:31:04http://141.98.6.22/ti/tititiitititiiti%23%23%23...OfflineRTF zbetcheckin
2023-05-31 03:54:04http://141.98.6.22/27/browser_cache.exeOffline32 exe Loki ext zbetcheckin
2023-05-30 10:45:06http://141.98.6.22/213/INTERNET.exeOfflineexe GuLoader ext Loki ext opendir abuse_ch
2023-05-30 10:26:03http://141.98.6.22/ii/iiiiiiiiiiiiiiiiiiiiii###...Offline abuse_ch
2023-05-30 10:00:15http://141.98.6.22/ti/mFxjD104.binOfflineencrypted GuLoader ext Loki ext opendir abuse_ch