URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	147.124.213.50
Firstseen:	2025-03-07 15:49:02 UTC
Total malware sites :	25
Online malware sites :	0 (0%)
Offline Malware sites :	25 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-03-07 15:49:04	147.124.213.50	cripple-throws.joinprimarily.com	Not listed	AS396073 MAJESTIC-HOSTING-01	US	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2025-03-11 07:46:33	http://147.124.213.50/crypt/MUK.ps1	Offline		abuse_ch
2025-03-10 18:39:06	http://147.124.213.50/crypt/money.exe	Offline	AgentTesla	abuse_ch
2025-03-10 18:39:05	http://147.124.213.50/crypt/eng.exe	Offline	Formbook	abuse_ch
2025-03-10 18:39:05	http://147.124.213.50/crypt/cozzy.exe	Offline	Formbook	abuse_ch
2025-03-10 18:39:05	http://147.124.213.50/crypt/cozy.ps1	Offline		abuse_ch
2025-03-10 18:39:05	http://147.124.213.50/crypt/snake.exe	Offline	SnakeKeylogger	abuse_ch
2025-03-10 18:39:05	http://147.124.213.50/crypt/WASFS.exe	Offline	RemcosRAT	abuse_ch
2025-03-10 18:39:05	http://147.124.213.50/crypt/m2.ps1	Offline		abuse_ch
2025-03-10 18:39:05	http://147.124.213.50/crypt/CZXASD55.rar	Offline		abuse_ch
2025-03-10 18:39:05	http://147.124.213.50/crypt/RUNPEE.dll	Offline		abuse_ch
2025-03-10 18:39:05	http://147.124.213.50/crypt/Client.exe	Offline	AsyncRAT	abuse_ch
2025-03-10 18:38:05	http://147.124.213.50/crypt/TESTINA.exe	Offline	AgentTesla opendir	abuse_ch
2025-03-10 18:38:05	http://147.124.213.50/crypt/hustleee.txt	Offline	opendir	abuse_ch
2025-03-10 18:38:04	http://147.124.213.50/crypt/cozy.exe	Offline	opendir RemcosRAT	abuse_ch
2025-03-10 18:38:04	http://147.124.213.50/crypt/testina.ps1	Offline	opendir	abuse_ch
2025-03-07 15:50:11	http://147.124.213.50/crypt/conn.txt	Offline	ascii base64-loader Encoded opendir	abuse_ch
2025-03-07 15:50:06	http://147.124.213.50/crypt/emma.ps1	Offline	ascii opendir powershell ps1	abuse_ch
2025-03-07 15:50:06	http://147.124.213.50/crypt/freak.txt	Offline	ascii base64-loader Encoded opendir	abuse_ch
2025-03-07 15:50:05	http://147.124.213.50/crypt/VIK.ps1	Offline	ascii opendir powershell ps1	abuse_ch
2025-03-07 15:50:05	http://147.124.213.50/crypt/money.ps1	Offline	ascii opendir powershell ps1	abuse_ch
2025-03-07 15:50:05	http://147.124.213.50/crypt/devil.ps1	Offline	ascii opendir powershell ps1	abuse_ch
2025-03-07 15:50:04	http://147.124.213.50/crypt/ps1.txt	Offline	ascii opendir powershell ps1	abuse_ch
2025-03-07 15:49:05	http://147.124.213.50/crypt/dressman.exe	Offline	exe Formbook opendir	abuse_ch
2025-03-07 15:49:04	http://147.124.213.50/crypt/CONVERTER.exe	Offline	exe opendir	abuse_ch
2025-03-07 15:49:04	http://147.124.213.50/crypt/hustle.exe	Offline	AgentTesla exe opendir	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2025-03-10 18:39:06	617ddfc01cc8d8c7fb984a4a9ebc48a13d763f695eb436a32957dc8e40b2541e	exe	AgentTesla
2025-03-10 18:39:05	fdc559014c1084c03f034589731a90594d3496b655b17b96ba6350de18a1aa91	exe	Formbook
2025-03-10 18:39:05	3451dbcd157a9b7dcdb0ea7f9a9dabbe58692b8c9469489597f608c0c364e957	exe	Formbook
2025-03-10 18:39:05	c4a0225a6de6d42fcdd0c172bcba94e86019f7c0705bc742a53cd529bd496477	txt
2025-03-10 18:39:05	f9fdb051571ebd3003ed9a8605cc48af2e79a3383e48486b69b0becbb3436b57	exe	SnakeKeylogger
2025-03-10 18:39:05	7feca68aa30931d5af1378f39e194f9e7076df3073402d6fa31a48b60836ae16	exe	RemcosRAT
2025-03-10 18:39:05	02b5566af6b408975cd5ba45ee26008898edaabb49a524ed7c5edf213fd43cb8	txt
2025-03-10 18:39:05	feac2b2805570682ff704da3f1f10d4d9a7b0ac94c7e22033ab9388fdeed1fda	rar
2025-03-10 18:39:05	6ad31b1e155c8c02f1b9f09bd982fd428d5dffd304cdb9cec917273f3a49d278	dll
2025-03-10 18:39:05	de6dd7d2bc11dcbf240fda1ec14cf1e4b1d7a1e2731e660e2b457c163ae0cd02	exe	AsyncRAT
2025-03-10 18:38:05	eab8215a2c484063d2023df0773e6f99a49afb5c126f94cf127c6adf7e0a5fb9	exe	AgentTesla
2025-03-10 18:38:05	436b95d09a9242ec39eb7789a40ebcfbffa0984d65bf671a60a2ad1cd0a21b06	txt
2025-03-10 18:38:04	489a4758ea8e46736dc0f67da790eeba6d5244de889dcee5ff49dcd6e9929736	exe	RemcosRAT
2025-03-10 18:38:04	d6b211d5307808c8f0d4531fdb3142cf44d6f996e8e1c059e75744ee18267a1f	txt
2025-03-07 15:50:11	c4b3939216bd159de15a92eec0a7432687332a30fe1ff07a680857a1a821a2ad	txt
2025-03-07 15:50:06	75710db488577e2d1ce11541b5a54846b053a15c245903a00a2af833803a7c88	txt
2025-03-07 15:50:05	3b107659e23b9c28725ee4827d5eb205eece8b9a5c90afbbb742a9832aaefaab	txt
2025-03-07 15:50:05	1f8a70df6da41f13f26aebba8c76bfd808795b2a7abcab032442722844d30a6d	txt
2025-03-07 15:50:05	961280d561a7f72ff218f0d2af8d63b4fc39b358f603aa3e2e811d2ca414037c	txt
2025-03-07 15:50:05	afc5919f8b0a1a168926b5efc2b7d20800795049fde04e5e6eb511c50038d13b	txt
2025-03-07 15:50:04	3e04d66524bd6b944f263f1ed6c8431e593925c7d34fd8139f0a7ae8c1a0ddbc	txt
2025-03-07 15:49:05	5e300add3c57b7c15d95b10a3d7a9ac65b55f95c8e2cc11a5316fcbc8c027044	exe	Formbook
2025-03-07 15:49:04	5d97ea15858f010c7c60f66911e26ceb5d36513b1e4630b53f45a5f2a8ec41b3	exe	AgentTesla
2025-03-07 15:49:03	4202ddd7af049132f98a9a28df3b6b1b34567b78e1dce8b5d380c8974d697199	exe