URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	141.98.6.99
Firstseen:	2023-06-19 18:23:03 UTC
Total malware sites :	16
Online malware sites :	0 (0%)
Offline Malware sites :	16 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2023-06-19 18:23:11	141.98.6.99		Not listed	AS213702 QWINS-LTD	NL	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2023-06-20 08:23:08	http://141.98.6.99/amadey4.bat	Offline	bat opendir	abuse_ch
2023-06-20 08:23:06	http://141.98.6.99/build_SC.bat	Offline	bat opendir	abuse_ch
2023-06-20 08:22:07	http://141.98.6.99/Uzlrz_SC.bat	Offline	bat opendir	abuse_ch
2023-06-20 08:22:06	http://141.98.6.99/Amadey_SC.cmd	Offline	cmd opendir	abuse_ch
2023-06-20 08:22:06	http://141.98.6.99/CSGO_Hack.bat	Offline	Amadey bat opendir	abuse_ch
2023-06-20 08:22:06	http://141.98.6.99/Hceea_SC.bat	Offline	bat opendir	abuse_ch
2023-06-20 08:21:05	http://141.98.6.99/kkk_SC.bat	Offline	bat opendir	abuse_ch
2023-06-20 08:21:05	http://141.98.6.99/csg20.bat	Offline	Amadey bat opendir	abuse_ch
2023-06-20 08:21:03	http://141.98.6.99/rapport%202023%20MZN%20Thoma...	Offline	opendir zip	abuse_ch
2023-06-20 08:21:03	http://141.98.6.99/thomas.hta	Offline	hta opendir	abuse_ch
2023-06-19 20:07:04	http://141.98.6.99/Hceea.exe	Offline	32 exe	zbetcheckin
2023-06-19 20:06:04	http://141.98.6.99/Uzlrz.exe	Offline	64 exe N-W0rm	zbetcheckin
2023-06-19 20:06:04	http://141.98.6.99/aaaaa.exe	Offline	32 exe QuasarRAT	zbetcheckin
2023-06-19 20:06:03	http://141.98.6.99/game2.exe	Offline	32 exe	zbetcheckin
2023-06-19 18:23:11	http://141.98.6.99/rapport%202023%20MZN%20Thoma...	Offline	Amadey	abuse_ch
2023-06-19 18:23:11	http://141.98.6.99/Amadey_SC.bat	Offline	Amadey	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2023-07-04 10:46:01	77836ecb154797f45eb7628ad81b02a101ae04f47313483189450cdcf18fe683	bat
2023-07-03 11:29:44	09155089b9ce3486c47bb7a1d42d8513cbbcb48de39b5b46b10ca4f8b26c077b	bat
2023-07-02 16:34:18	dd2b41186ba5d88e8dc84765daaec2e7982c2b7caddadabf9274ee7a9ccf0a0f	bat
2023-07-01 15:30:34	91d43b786709d55390c10395ed3dbcdc93c9c02b5b3c1ad4bdeaec921addf33a	bat
2023-07-01 15:29:43	f843bc56a9bb79bd9c863ae1fc0b78f867ecdd9ce6addfca461f829a0584e5dd	bat
2023-06-28 06:14:18	fec808fda774ccfd78eb402bf564eb01b09b7284f0d8beb9ff020cfb780e0b55	bat
2023-06-26 00:25:51	0783c809607d68eeec1ee5858b3104b3dbc6886e8bb02caef83f734ce955318e	bat
2023-06-25 09:49:25	413dc2c60e272d73adde9d0532db3b0792bed47b08f30a2875e13e833b74a900	bat
2023-06-24 09:49:14	e6235c58b7523858201f40a865b0d5aa701564e7fa514c7dc349da196f1310f0	bat
2023-06-22 09:03:01	3e9ecf43738a1dc13686634db7262e70cb418023e2c432ac01bcb80e75b367fc	bat
2023-06-21 23:54:59	78c280805a7b1901beccc92cdc488adac74ca0287ed3b7f9dd88cc0cb815b914	bat
2023-06-21 14:24:20	3edd4b95997cfdbe3677465918dd29864c540d79d1c98b2c036aaa27bb01c37a	bat
2023-06-21 02:55:44	368bfeb08a87105d9e5479db3a84c9d8620a02077bb6a432c4715ada6d5ef33b	bat
2023-06-20 08:23:07	9cd61c9f15d24cf7aeeb74c78353daa96a75afb1610e5abaef79e5b777c84135	bat
2023-06-20 08:23:05	5259f147e8dee58a3e88aa1edf3521ab687bb28d52c1087c97b8a979d9d3c2c8	bat
2023-06-20 08:22:07	826e1858858d3ea6add4809370586c488cdebc4f810ae88cc28ee2b71adea8d5	bat
2023-06-20 08:22:06	561cbe3e6bc18eac2a78545d5d6da27b559fb8040256fad41454ee30a6a7483b	bat
2023-06-20 08:22:05	96c602f7cdbaba1e36f2527f6947814892abf4d3d7ef4d937088feb5e0fd0c3f	bat
2023-06-20 08:22:05	5bcc4276629357cabb9323b2169ccbeec318b21754f29cad7135dd3285ca61f9	bat	Amadey
2023-06-20 08:21:05	1876cdf7ae380d878a12a7dda624b40f74bf470592410665103b7bd998477959	bat
2023-06-20 08:21:05	9e8117a83d4bf36a81551ad646feea4aa9bb990e7633f48cb062847155177935	bat	Amadey
2023-06-20 08:21:03	6feadbd2e3444205e358daa625c1a650d329afe3a1da9c64e19ec5c673d1749f	zip
2023-06-20 07:17:13	04543e570fa7d04a0511612544b619b57a80f05445681ee330b912e7ad41d288	bat
2023-06-19 20:07:04	13993a109f4064a70ae87d660099352109c6115065444c46e5cb4854496ce6da	exe
2023-06-19 20:06:04	e08322d29f7748579a28904268dc53b66ac3158da4c08671cb0f2a54160b15c8	exe	N-W0rm
2023-06-19 20:06:04	c4cd074c486e0c4cdedbc4fb8f94c97db5eaf4e56f027421d8922e0b02f3ef18	exe	QuasarRAT
2023-06-19 20:06:03	cd93805d6fee60c8139820c20aca0872881a71f34218f0cb8de68b722cc128f8	exe
2023-06-19 18:23:05	511ff7b4835d116b11f378662c3f4e4f37a61a4b0acec07152b96c874e0c07dc	pdf
2023-06-19 18:23:05	df486bdfafdbe632ce65e867a8a53b24b3b715141534309ef639b5846986cf28	bat