URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry


Host: 198.12.81.20
Firstseen: 2022-04-04 15:32:03 UTC
Total malware sites: 27
Online malware sites: 0 (0%)
Offline malware sites: 27 (100%)

IP addresses


The table below shows all IP addresses observed for this particular host (in case the host is a domain name, all A records will be listed, including all historical ones). Please note that the output is limited to 10 entries.

Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active?
2022-04-04 15:32:05 | 198.12.81.20 | 198-12-81-20-host.colocrossing.com | Not listed | AS36352 AS-COLOCROSSING | US | yes

Malware URLs


The table below shows all malware URLs that are associated with this particular host.


The table below shows recent payloads delivered by this host.
