URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | 158.69.36.15 |
|---|---|
| Firstseen: | 2024-12-13 06:30:11 UTC |
| Total malware sites : | 8 |
| Online malware sites : | 0 (0%) |
| Offline Malware sites : | 8 (100%) |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2024-12-13 06:31:23 | 158.69.36.15 | ip15.ip-158-69-36.net | Not listed | AS16276 OVH |  CA | yes |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2025-09-17 11:39:50 | https://158.69.36.15/Files/xwormee.txt | Offline |  adrian__luca | |
| 2024-12-24 06:34:09 | https://158.69.36.15/files/xwormvideo.txt | Offline | AsyncRAT  base64 rev rev-base64-loader |  lontze7 |
| 2024-12-24 06:34:09 | https://158.69.36.15/files/Teste_Ok.txt | Offline | base64 rev rev-base64-loader | lontze7 |
| 2024-12-24 06:34:09 | https://158.69.36.15/files/xWorm.txt | Offline | AsyncRAT base64 rev rev-base64-loader | lontze7 |
| 2024-12-18 15:51:05 | https://158.69.36.15/files/sordellina.js | Offline | js |  abus3reports |
| 2024-12-18 07:19:20 | https://158.69.36.15/files/remcos.txt | Offline | base64 RemcosRAT rev rev-base64-loader | lontze7 |
| 2024-12-13 15:17:05 | https://158.69.36.15/files/kissers.js | Offline | js opendir |  NDA0E |
| 2024-12-13 06:31:23 | https://158.69.36.15/files/file.txt | Offline | base64 rev rev-base64-loader | lontze7 |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2024-12-24 06:34:09 | 17f129df89da4ddb3fca84edca9d2db61decec317e4292a45fcf6aa5081d3fec | txt | AsyncRAT | |
| 2024-12-24 06:34:09 | 5970261b439b852e66bc8a5ca610ddf72c701cc86282f3e064de95c7f1c3fcf7 | txt | ||
| 2024-12-24 06:34:09 | 8d1e51edf3e6fee05244b444e0dab7782bcdae0a5ff6c77e110decbd75f5e89a | txt | AsyncRAT | |
| 2024-12-18 07:19:20 | 5d9ff9a239e91022aad8f2d11b89f02854c4b148235396ec7a0562f12ac23b56 | txt | RemcosRAT | |
| 2024-12-13 06:31:23 | ec755c4a44898f12ebe7bfa0c17073ce8bd70b160ba998a5d6b54d6116fe3c66 | txt |