URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	141.98.6.91
Firstseen:	2023-10-24 05:55:06 UTC
Total malware sites :	27
Online malware sites :	0 (0%)
Offline Malware sites :	27 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2023-10-24 05:55:08	141.98.6.91		Not listed	AS213702 QWINS-LTD	NL	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2023-10-30 06:53:08	http://141.98.6.91/1903/1/KEW.txt	Offline	AgentTesla ascii Encoded opendir	abuse_ch
2023-10-30 06:53:05	http://141.98.6.91/1903/1/HTMLIEsearchHistory.vbs	Offline	opendir vbs	abuse_ch
2023-10-30 06:53:05	http://141.98.6.91/1903/1/k/HTMLhistoryClearner...	Offline	AgentTesla doc opendir	abuse_ch
2023-10-30 06:52:06	http://141.98.6.91/1903/2/MAW.txt	Offline	AgentTesla ascii Encoded opendir	abuse_ch
2023-10-30 06:52:05	http://141.98.6.91/1903/2/HTMLIEcontentHistory.vbs	Offline	opendir vbs	abuse_ch
2023-10-30 06:52:04	http://141.98.6.91/1903/2/m/HTMLHisotoryCleaner...	Offline	AgentTesla doc opendir	abuse_ch
2023-10-27 15:42:07	http://141.98.6.91/38/HDV.txt	Offline	AgentTesla ascii Encoded opendir	abuse_ch
2023-10-27 15:41:06	http://141.98.6.91/38/HTMLDesginbrowser.vbs	Offline	AgentTesla opendir vbs	abuse_ch
2023-10-27 15:41:06	http://141.98.6.91/38/html/HTMLDesginBrowserInt...	Offline	AgentTesla doc opendir	abuse_ch
2023-10-27 15:40:09	http://141.98.6.91/39/KLV.txt	Offline	AgentTesla ascii Encoded opendir	abuse_ch
2023-10-27 15:40:07	http://141.98.6.91/39/HTMLIEbrowserHistory.vbs	Offline	AgentTesla opendir vbs	abuse_ch
2023-10-27 15:40:07	http://141.98.6.91/39/www/HTMLIEbrowserHistoryC...	Offline	AgentTesla doc opendir	abuse_ch
2023-10-27 15:39:05	http://141.98.6.91/htms/HTMLIEBrowserChatHistor...	Offline	AgentTesla doc opendir	abuse_ch
2023-10-24 06:08:05	http://141.98.6.91/2010/SAN.txt	Offline	AgentTesla ascii Encoded opendir	abuse_ch
2023-10-24 06:08:04	http://141.98.6.91/2010/MAH.txt	Offline	AgentTesla ascii Encoded opendir	abuse_ch
2023-10-24 06:07:07	http://141.98.6.91/2150/1/MHM.txt	Offline	AgentTesla ascii Encoded opendir	abuse_ch
2023-10-24 06:07:07	http://141.98.6.91/2150/2/SMH.txt	Offline	AgentTesla ascii Encoded opendir	abuse_ch
2023-10-24 06:07:05	http://141.98.6.91/2150/2/SMH.vbs	Offline	opendir vbs	abuse_ch
2023-10-24 06:07:05	http://141.98.6.91/2150/2/HTMLCacheCentos.doc	Offline	doc opendir	abuse_ch
2023-10-24 06:02:06	http://141.98.6.91/2150/1/mhs.vbs	Offline	opendir vbs zgRAT	abuse_ch
2023-10-24 06:02:06	http://141.98.6.91/2010/1/MAH.vbs	Offline	opendir vbs zgRAT	abuse_ch
2023-10-24 06:02:06	http://141.98.6.91/2150/1/HTMLCacheCentos.dOC	Offline	doc opendir zgRAT	abuse_ch
2023-10-24 06:02:06	http://141.98.6.91/2010/1/HTMLprofile.dOC	Offline	doc opendir zgRAT	abuse_ch
2023-10-24 06:01:05	http://141.98.6.91/2010/2/san.vbs	Offline	ascii opendir vbs zgRAT	abuse_ch
2023-10-24 06:01:04	http://141.98.6.91/2010/2/HTMLprofile.doc	Offline	doc opendir	abuse_ch
2023-10-24 05:55:09	http://141.98.6.91/windows/HNB.txt	Offline	AgentTesla ascii Encoded opendir	abuse_ch
2023-10-24 05:55:08	http://141.98.6.91/windows/HTMLobject.vbs	Offline	rat vbs zgRAT	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2023-10-30 06:53:08	ee5f9db434fd074aec31851dec2286f8f49061afd2f62e60bf34102e7a04f9f9	txt	AgentTesla
2023-10-30 06:53:05	eafb3cea4da435ac46bda9d56ab4b7624a0b0c3d848496d169a1b00b8eba0e03	unknown
2023-10-30 06:53:05	a7f65b6ed848a8ce8f8486d26918ab440e442f0acc938d0513f0390381d80258	unknown
2023-10-30 06:52:06	2974668ff6af372cfa139f9eedde01bdda46fd1d019b6a80a6027b15e1876a01	txt	AgentTesla
2023-10-30 06:52:05	76a73ec52afc9b6ba0596388abba0ace5eb64779c0154fd976c521c470d53f14	unknown
2023-10-30 06:52:04	8266d8ebf0586f5e43faaff0ded41e5da85478b72844bbd505bf6c08a711ab22	unknown
2023-10-27 15:42:07	0871bc2bf47b7d07ab61536800b98ecf40c64ee3a5f4949a8608d6120d68a63b	txt	AgentTesla
2023-10-27 15:41:06	f1098c69adab031391ddc2a53df8af450f1a0c908fed813e6bc962d30a56599b	unknown
2023-10-27 15:41:06	7fde513a7dd89278194c6af83964d46b3af013612815148974b62ffc50152ea2	unknown
2023-10-27 15:40:09	62b3844748bff8b1fa934e13db83d640105533c677dad0a577ab42035f547c11	txt	AgentTesla
2023-10-27 15:40:07	69749b30b56c0c82fcd8c066a9ce23c140d7a0f07e5270148b4bdc242f888154	unknown
2023-10-27 15:40:07	0e39d0f237fd2a7c2cd716f403abc719a9f061d7278e403978029b4e8ddacedc	unknown
2023-10-27 15:39:05	0e39d0f237fd2a7c2cd716f403abc719a9f061d7278e403978029b4e8ddacedc	unknown
2023-10-25 01:14:03	4f799501a3f411314a5a678c5c6e45b8ebcb16aa3b7e7d9a1996e0eda8bc6029	unknown
2023-10-24 06:08:05	744697b9e83e99c851607885289e7f49d50aac23f4de1d274f1d2deaca73ec79	txt	AgentTesla
2023-10-24 06:08:04	36e2f0ba096fbef71afcfb6d866ba6f8cb6ecf1a2286213035ae80617af8960e	txt	AgentTesla
2023-10-24 06:07:07	36e2f0ba096fbef71afcfb6d866ba6f8cb6ecf1a2286213035ae80617af8960e	txt	AgentTesla
2023-10-24 06:07:07	744697b9e83e99c851607885289e7f49d50aac23f4de1d274f1d2deaca73ec79	txt	AgentTesla
2023-10-24 06:07:05	b41044bd2bd4b63bf6022de305bfc2845bc32ebf05c9f91746751c38f7faf1be	unknown
2023-10-24 06:07:05	e5a0f3a0bb65321657c98422f2de177762f70bffe8453b187cf957be71420f7d	unknown
2023-10-24 06:02:06	61f9f532d6d55a110ec6508d4e343ecdf5e154d02eb67661c1669907ce45db42	unknown
2023-10-24 06:02:06	15082cbabfd0ab61016758924c9e1f3925632c80915374d2f6671c4c77e89e86	unknown
2023-10-24 06:02:06	d0755665e3d25783a229d9f872e08a4da8d5f0455e72f7330423de7f09d6de67	unknown
2023-10-24 06:02:05	d98f2e4d241244265a3618366e4e9079314fc4b8235c599423d2f57dabd0e0c7	unknown
2023-10-24 06:01:05	7729e13ec6f9b7dfdb8e14678e7d86d212a468f441c550f9f7f4c9b5370e2dd3	unknown
2023-10-24 06:01:04	58c271cee53f372e24bff45fa720c2ec7628ae8a2840c16ce74d13f417eb47ce	unknown
2023-10-24 05:55:09	ef9d53d0c4be6597aac7ca9602f71d37c35fe736949cee53d608375fa5e3e2c6	txt	AgentTesla
2023-10-24 05:55:07	b4f6b87e41f69f8f570148bab3fc32c6caa76c583d4f13e5a824ed87c9fbe585	unknown