URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-01-02 17:07:09	147.124.216.113		Not listed	AS396073 MAJESTIC-HOSTING-01	US	yes

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2025-01-06 06:50:09	http://147.124.216.113/albt.exe	Offline	DBatLoader exe	abuse_ch
2025-01-02 17:07:09	http://147.124.216.113/image.exe	Offline	DBatLoader downloader malware trojan VIPKeylogger	Joker

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2025-01-16 03:06:26	4e38df6415cd9a8857c5ff4185da103fa8585e8a589ff2286eaf7317e3d10755	exe		DBatLoader
2025-01-15 04:07:52	ce26bc4556fabe4a47c885353f169def4913c3b1f3f72af47f61952f07e26068	exe
2025-01-13 02:06:54	d3155fcf6f052606bc5f0c293aa6ee43d27bf7990713863e2dd23ab870fbb0bf	exe
2025-01-07 09:53:25	3cce82eff14a78c73dbc3f64a7abc6476d9b184763a5f6713ce68d6ee8df75f8	exe		DBatLoader
2025-01-07 09:05:53	e5393c34240b7e1b8a35052d7e151c324a4aa6424b5a6e1a45717157042fb9ab	exe		DBatLoader
2025-01-06 06:50:09	1bec44aa19ea8daa0b7151b312975f3f753e03f0bbce5ebeab8dfda5fb736a91	exe		DBatLoader
2025-01-06 01:01:17	03b17e6fe6ce874c0cf78b2e560f5fb4106e07ce33799632b2e1bbf24e9fb371	exe		DBatLoader
2025-01-05 22:05:48	52f70aceaac84fb1b61e78e36a3f8642875ce6528819060470242fb5312d16e5	exe		DBatLoader
2025-01-02 17:07:08	f65d5f51c5b69891d73c3799b4ed4d53fea665a6ef5b3d0cce8cae1e96c0e785	exe		VIPKeylogger