URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: 198.12.84.109
Firstseen:2021-08-20 06:09:03 UTC
Total malware sites :11
Online malware sites :0 (0%)
Offline Malware sites :11 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2021-08-20 06:09:06 198.12.84.109198-12-84-109-host.colocrossing.comNot listedAS36352 AS-COLOCROSSING- USyes

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2021-09-22 16:55:07http://198.12.84.109/btc/x.exeOfflineexe de_aviation
2021-09-22 16:55:06http://198.12.84.109/btc/vbc.exeOfflineexe Loki ext de_aviation
2021-09-22 12:18:04http://198.12.84.109/piza/vbc.exeOfflineexe Formbook ext opendir abuse_ch
2021-09-20 15:43:05http://198.12.84.109/twitter/vbc.exeOfflineexe Formbook ext opendir abuse_ch
2021-09-20 15:42:06http://198.12.84.109/twit/vbc.exeOfflineexe Formbook ext opendir abuse_ch
2021-09-20 15:42:06http://198.12.84.109/twit/x.exeOfflineexe opendir abuse_ch
2021-09-01 01:37:05http://198.12.84.109/ring/vbc.exeOffline32 exe Formbook ext zbetcheckin
2021-08-31 16:42:06http://198.12.84.109/ping/vbc.exeOfflineexe Formbook ext opendir abuse_ch
2021-08-30 12:34:06http://198.12.84.109/pnb/vbc.exeOfflineexe Formbook ext opendir abuse_ch
2021-08-20 08:02:05http://198.12.84.109/window/vbc.exeOffline32 exe Formbook ext zbetcheckin
2021-08-20 06:09:06http://198.12.84.109/hdfc/vbc.exeOfflineexe Formbook ext opendir abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2021-09-22 16:55:07f2d2638afb528c7476c9ee8e83ddb20e686b0b05f53f2f966fd9eb962427f8aaexe 
2021-09-22 16:55:06166fc5432ac8ce1024a26b55bdff22553e972bce7eb0a15b8d7347482e2c93f4exeLoki
2021-09-22 12:39:06da641202fb53638f3aad2bda8a87d215855cf03aa658637e3dd70dbe5c3c47fdexeFormbook
2021-09-22 12:18:04699ac8f16c67cda47a80657cce69cbb8b42d711a9e4609ad6a8ff2ed84119b01exeFormbook
2021-09-20 17:35:50672ca84f8680ab545196dd1f961b3f456ae6b4ff1e0629fab96ed0625f22bbd1exeFormbook
2021-09-20 17:30:41be2ed31f85df8e65c76d1fd87ceb62a6381c0c5244eca15349bb0976052c2695exeFormbook
2021-09-20 15:43:05f35e37b873cb4bee71eab9a5caa6bc7bcb592d84b7924e83ec00a5c9058eb03bexeFormbook
2021-09-20 15:42:06b1e9060288c5c28d0fb5ba1c91b5c507e15011a063009da3e382ad6b90b09790exeFormbook
2021-09-20 15:42:06f2d2638afb528c7476c9ee8e83ddb20e686b0b05f53f2f966fd9eb962427f8aaexe 
2021-09-01 01:37:050de86452c290d019c526a389413f34dd41e67d4ae1ae6d9d39ef119a9cf81605exeFormbook
2021-08-31 16:42:06abaca5741431ff5f4d04ac153e6d06514d1a7d92154d9ae994d253297f582930exeFormbook
2021-08-30 17:04:51311212296fb8626d2a696cf7ef2731a6d03f44618be2597acb9f44ac46fd5087exeFormbook
2021-08-30 12:34:066575fefaef5564a290a1fd996e759f8d1b8f740256ae8a066170daf3accf69deexeFormbook
2021-08-20 08:02:05fafbf52647d3187d5d7fe79b130db1e72a327aef887ff42a283e4aa523a555f1exeFormbook
2021-08-20 06:09:05d441b6262d1915e1c32e85775622b2f2e3b755279f1b536d5b10eb2f14678e10exeFormbook