URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | 18.159.59.253 |
|---|---|
| Firstseen: | 2022-01-27 07:50:03 UTC |
| Total malware sites : | 8 |
| Online malware sites : | 0 (0%) |
| Offline Malware sites : | 8 (100%) |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2022-01-27 07:50:05 | 18.159.59.253 | ec2-18-159-59-253.eu-central-1.compute.amazonaws.com | Not listed | AS16509 AMAZON-02 |  DE | yes |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2022-01-29 08:45:06 | http://18.159.59.253/derek/Loogfrcy.log | Offline | encrypted Formbook  |  abuse_ch |
| 2022-01-29 03:27:03 | http://18.159.59.253/derek/QyJEqOV5XDT3ygH.bat | Offline | 32 exe SnakeKeylogger |  zbetcheckin |
| 2022-01-28 06:55:04 | http://18.159.59.253/cut/Aiacnr.log | Offline | encrypted SnakeKeylogger | abuse_ch |
| 2022-01-28 02:55:04 | http://18.159.59.253/cut/aiacnr.exe | Offline | 32 exe SnakeKeylogger | zbetcheckin |
| 2022-01-27 13:03:06 | http://18.159.59.253/cut/290091332850986.bat | Offline | exe SnakeKeylogger | abuse_ch |
| 2022-01-27 13:02:03 | http://18.159.59.253/cut/252199835184030.bat | Offline | exe SnakeKeylogger | abuse_ch |
| 2022-01-27 13:00:04 | http://18.159.59.253/cut/615472927758389.bat | Offline | exe SnakeKeylogger | abuse_ch |
| 2022-01-27 07:50:05 | http://18.159.59.253/cut/396180999746067.bat | Offline | exe SnakeKeylogger | abuse_ch |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2022-01-29 08:45:06 | 28bd7ce0d1aeea2400ca8f279a7ed17618a68c74c115ef67aa343126546835f9 | unknown | ||
| 2022-01-29 03:27:03 | ca5bfc42daf3182e19891fca776764678e338143367bc203cdf598e72eb32293 | exe | SnakeKeylogger | |
| 2022-01-28 06:55:04 | 65d3da891191f9e574c5e67ffd953e39e06910df5f7f760adff18738eefd53c1 | unknown | ||
| 2022-01-28 02:55:04 | d8079b19aa1f119485291950ae0580757618dd23c4d18eed64e06aa3a86c1751 | exe | SnakeKeylogger | |
| 2022-01-27 13:03:05 | 8cf550788d99f53483977101d6c7097074ab42555c78a23e9b8e0e7e2ccd85a5 | exe | SnakeKeylogger | |
| 2022-01-27 13:02:03 | 572a69a429e389d3984a370820f7e9e42f3a5e7bf60738190971d27be3db4ce9 | exe | SnakeKeylogger | |
| 2022-01-27 13:00:04 | a5aa94475a74fe3e23364858f4b40c1c96c236ae284fda36d6fad080c2ed7123 | exe | SnakeKeylogger | |
| 2022-01-27 07:50:04 | 2cce6c0261418b2d0d22eefb9103c9a9d273ac609f57a31e88020cfc48ca040e | exe | SnakeKeylogger |