URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	159.69.142.67
Firstseen:	2021-04-27 05:32:02 UTC
Total malware sites :	5
Online malware sites :	0 (0%)
Offline Malware sites :	5 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2021-04-27 05:32:04	159.69.142.67	static.67.142.69.159.clients.your-server.de	Not listed	AS24940 HETZNER-AS	DE	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2021-05-05 01:21:03	http://159.69.142.67/HDAhmad/t2.exe	Offline	exe njRAT	zbetcheckin
2021-05-05 01:21:03	http://159.69.142.67/ahmad/666nj214/47.exe	Offline	exe njRAT	zbetcheckin
2021-05-05 01:17:03	http://159.69.142.67/ahmad/666nj214/20.exe	Offline	exe njRAT	zbetcheckin
2021-05-05 01:17:03	http://159.69.142.67/new/98.exe	Offline	exe njRAT	zbetcheckin
2021-04-27 05:32:04	http://159.69.142.67/test/1.txt	Offline		ANeilan

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2021-05-05 01:21:03	e63d3be538ff76863ee863299e16a554e83908abaab1b59128b398d898cebcf7	exe	njrat
2021-05-05 01:21:03	40439c197dbca26b851e506ca7cdd3dbb5c2ab9dba9530e839b68c2aa83362dd	exe	njrat
2021-05-05 01:17:03	0037ef6aea2b179208cd379210224fb863e12100e921a9e3c036ffbdea7e63d2	exe	njrat
2021-05-05 01:17:03	6ca8d9e0214b3c8da72b641ce89afbc1d14a5fd1e0acb6fc2e1f10d1732f748c	exe	njrat