URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | 141.98.6.22 |
|---|---|
| Firstseen: | 2023-05-30 10:00:08 UTC |
| Total malware sites : | 8 |
| Online malware sites : | 0 (0%) |
| Offline Malware sites : | 8 (100%) |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2023-05-30 10:00:15 | 141.98.6.22 | Not listed | AS213702 QWINS-LTD |  NL | yes |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2023-06-02 06:17:05 | http://141.98.6.22/257/hkcmd.exe | Offline | exe Loki  opendir |  abuse_ch |
| 2023-06-01 03:02:05 | http://141.98.6.22/ii/iiiiiiiiiiiiiiiiiiiiii%23... | Offline | RTF |  zbetcheckin |
| 2023-05-31 08:16:05 | http://141.98.6.22/27/Qdnqbcbfde.png | Offline | abuse_ch | |
| 2023-05-31 05:31:04 | http://141.98.6.22/ti/tititiitititiiti%23%23%23... | Offline | RTF | zbetcheckin |
| 2023-05-31 03:54:04 | http://141.98.6.22/27/browser_cache.exe | Offline | 32 exe Loki | zbetcheckin |
| 2023-05-30 10:45:06 | http://141.98.6.22/213/INTERNET.exe | Offline | exe GuLoader Loki opendir | abuse_ch |
| 2023-05-30 10:26:03 | http://141.98.6.22/ii/iiiiiiiiiiiiiiiiiiiiii###... | Offline | abuse_ch | |
| 2023-05-30 10:00:15 | http://141.98.6.22/ti/mFxjD104.bin | Offline | encrypted GuLoader Loki opendir | abuse_ch |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2023-06-02 06:17:05 | acbd2cf1336650f3c7b141179115c85b7fc214076a434f284f8ac6e54ba63214 | exe | Loki | |
| 2023-06-01 03:02:05 | 5ce8f024d0f3798d8e8fbbefe9bb177722ae696ed2608611f9740b3246b4544e | rtf | ||
| 2023-05-31 08:16:05 | cf1687bdd06e803d596fdd7ffe333e381e621321461a5c3f50da832c81858858 | txt | ||
| 2023-05-31 05:31:04 | 897b636eb7188114365d0570dc7091c32086b092f4bb08d04572952db09b22bb | rtf | ||
| 2023-05-31 03:54:04 | 04eacefef801a460be4831841a7d400332030d8d3609138f636b43a9dcba9eb5 | exe | Loki | |
| 2023-05-30 19:30:45 | 63f608c4ceff4910f778d487fd45f6d906c830c1757d7f637bf531a44d178404 | exe | Loki | |
| 2023-05-30 10:45:06 | 629969a0881903021d039f309d10a9028a1b967153706f7db6386c0773ce727d | exe | Loki | |
| 2023-05-30 10:00:09 | 324f0b0086c68dfbfb990e26ded4363d6afacf667c9ed4992b2a7c26db369ea3 | unknown |