URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	166.88.141.219
Firstseen:	2024-07-26 00:27:03 UTC
Total malware sites :	30
Online malware sites :	0 (0%)
Offline Malware sites :	30 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2024-07-26 00:27:06	166.88.141.219		Not listed	AS149440 EVOXTENTERPRISE-AS-AP	HK	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2024-07-26 00:27:21	https://166.88.141.219/privs/chisel32.exe	Offline	exe Gh0stRAT opendir	NDA0E
2024-07-26 00:27:21	http://166.88.141.219/privs/chisel.exe	Offline	exe opendir	NDA0E
2024-07-26 00:27:18	http://166.88.141.219/privs/chisel32.exe	Offline	exe Gh0stRAT opendir	NDA0E
2024-07-26 00:27:18	https://166.88.141.219/privs/chisel.exe	Offline	exe opendir	NDA0E
2024-07-26 00:27:15	https://166.88.141.219/privs/2023.exe	Offline	exe opendir	NDA0E
2024-07-26 00:27:15	http://166.88.141.219/privs/RoguePotato.zip	Offline	opendir zip	NDA0E
2024-07-26 00:27:15	https://166.88.141.219/privs/nc.exe	Offline	exe opendir	NDA0E
2024-07-26 00:27:15	https://166.88.141.219/privs/jp.exe	Offline	exe JuicyPotato opendir	NDA0E
2024-07-26 00:27:15	https://166.88.141.219/privs/PF64.exe	Offline	exe opendir	NDA0E
2024-07-26 00:27:15	https://166.88.141.219/privs/RoguePotato.zip	Offline	opendir zip	NDA0E
2024-07-26 00:27:15	http://166.88.141.219/privs/nc.exe	Offline	exe opendir	NDA0E
2024-07-26 00:27:15	https://166.88.141.219/privs/RoguePotato.exe	Offline	exe opendir	NDA0E
2024-07-26 00:27:15	https://166.88.141.219/privs/FullPowers.exe	Offline	exe opendir	NDA0E
2024-07-26 00:27:15	http://166.88.141.219/privs/FullPowers.exe	Offline	exe opendir	NDA0E
2024-07-26 00:27:14	http://166.88.141.219/privs/RogueOxidResolver.exe	Offline	exe opendir	NDA0E
2024-07-26 00:27:14	http://166.88.141.219/privs/jp.exe	Offline	exe JuicyPotato opendir	NDA0E
2024-07-26 00:27:14	https://166.88.141.219/privs/RP.exe	Offline	exe opendir	NDA0E
2024-07-26 00:27:14	http://166.88.141.219/privs/2023.exe	Offline	exe opendir	NDA0E
2024-07-26 00:27:14	https://166.88.141.219/privs/pf32.exe	Offline	exe opendir	NDA0E
2024-07-26 00:27:14	https://166.88.141.219/privs/SP.exe	Offline	exe opendir	NDA0E
2024-07-26 00:27:08	http://166.88.141.219/privs/pf32.exe	Offline	exe opendir	NDA0E
2024-07-26 00:27:07	http://166.88.141.219/privs/SP.exe	Offline	exe opendir	NDA0E
2024-07-26 00:27:07	https://166.88.141.219/privs/RogueOxidResolver.exe	Offline	exe opendir	NDA0E
2024-07-26 00:27:06	http://166.88.141.219/privs/PF64.exe	Offline	exe opendir	NDA0E
2024-07-26 00:27:06	http://166.88.141.219/privs/RoguePotato.exe	Offline	exe opendir	NDA0E
2024-07-26 00:27:06	http://166.88.141.219/privs/RP.exe	Offline	exe opendir	NDA0E

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2024-07-26 00:27:21	f82edf0228b8e58517659bc465599a85609377f34c9e4a8b1279e10806109b61	exe	Gh0stRAT
2024-07-26 00:27:21	d8090f5058db31956d0503d0e4c9e16504d58623ba481715609a8ff1303d6e72	exe
2024-07-26 00:27:18	f82edf0228b8e58517659bc465599a85609377f34c9e4a8b1279e10806109b61	exe	Gh0stRAT
2024-07-26 00:27:18	d8090f5058db31956d0503d0e4c9e16504d58623ba481715609a8ff1303d6e72	exe
2024-07-26 00:27:15	1ca9658cf5042ab654af76e976e17a166aabed44b1f1b63ee1c7cb307e86bb4f	exe
2024-07-26 00:27:15	615b79f1390ff1168e8bcd72f733c74d4b10fe74855f90229188b3ee14e257a5	zip
2024-07-26 00:27:15	7379c5f5989be9b790d071481ee4fdfaeeb0dc7c4566cad8363cb016acc8145e	exe
2024-07-26 00:27:15	0f56c703e9b7ddeb90646927bac05a5c6d95308c8e13b88e5d4f4b572423e036	exe	JuicyPotato
2024-07-26 00:27:15	8524fbc0d73e711e69d60c64f1f1b7bef35c986705880643dd4d5e17779e586d	exe
2024-07-26 00:27:15	615b79f1390ff1168e8bcd72f733c74d4b10fe74855f90229188b3ee14e257a5	zip
2024-07-26 00:27:15	7379c5f5989be9b790d071481ee4fdfaeeb0dc7c4566cad8363cb016acc8145e	exe
2024-07-26 00:27:15	a4778d50307de4ab13e48de90d72b7c5e19b4f9356a611a9faf95cfda0523c46	exe
2024-07-26 00:27:15	e5b50e925e5dbf4da9223552cc604b745f8ba48f6f47f8bdfbea1bec4747ce50	exe
2024-07-26 00:27:14	e5b50e925e5dbf4da9223552cc604b745f8ba48f6f47f8bdfbea1bec4747ce50	exe
2024-07-26 00:27:14	9c5d53208d324f6f14e3417fe072be9b0f29aa35299f99c30bbaf602790b7480	exe
2024-07-26 00:27:14	0f56c703e9b7ddeb90646927bac05a5c6d95308c8e13b88e5d4f4b572423e036	exe	JuicyPotato
2024-07-26 00:27:14	0fb342f94f359c9f54205a979854b7a3a3910bb7e118f0fc44cead28ebd81f0d	exe
2024-07-26 00:27:14	1ca9658cf5042ab654af76e976e17a166aabed44b1f1b63ee1c7cb307e86bb4f	exe
2024-07-26 00:27:14	47c9eff8142490a2c341701aab7aaebc355eed1540eed534a8317dd1e65614b2	exe
2024-07-26 00:27:13	3268f269371a81dbdce8c4eedffd8817c1ec2eadec9ba4ab043cb779c2f8a5d2	exe
2024-07-26 00:27:07	3268f269371a81dbdce8c4eedffd8817c1ec2eadec9ba4ab043cb779c2f8a5d2	exe
2024-07-26 00:27:07	9c5d53208d324f6f14e3417fe072be9b0f29aa35299f99c30bbaf602790b7480	exe
2024-07-26 00:27:06	a4778d50307de4ab13e48de90d72b7c5e19b4f9356a611a9faf95cfda0523c46	exe
2024-07-26 00:27:06	0fb342f94f359c9f54205a979854b7a3a3910bb7e118f0fc44cead28ebd81f0d	exe
2024-07-26 00:27:05	8524fbc0d73e711e69d60c64f1f1b7bef35c986705880643dd4d5e17779e586d	exe
2024-07-26 00:27:05	47c9eff8142490a2c341701aab7aaebc355eed1540eed534a8317dd1e65614b2	exe