URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	198.12.89.207
Firstseen:	2022-05-09 14:33:02 UTC
Total malware sites :	11
Online malware sites :	0 (0%)
Offline Malware sites :	11 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2022-05-09 14:33:08	198.12.89.207	198-12-89-207-host.colocrossing.com	Not listed	AS36352 AS-COLOCROSSING	US	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-05-13 14:54:04	http://198.12.89.207/900/vbc.exe	Offline	exe Loki opendir	abuse_ch
2022-05-12 17:26:04	http://198.12.89.207/800/vbc.exe	Offline	exe Loki	AndreGironda
2022-05-12 07:14:04	http://198.12.89.207/700/vbc.exe	Offline	exe Loki opendir	abuse_ch
2022-05-12 07:14:03	http://198.12.89.207/710/vbc.exe	Offline	exe Loki opendir	abuse_ch
2022-05-10 15:03:04	http://198.12.89.207/450/vbc.exe	Offline	exe Loki opendir	abuse_ch
2022-05-10 15:03:04	http://198.12.89.207/440/vbc.exe	Offline	exe Loki opendir	abuse_ch
2022-05-10 02:22:04	http://198.12.89.207/600/vbc.exe	Offline	32 exe Loki	zbetcheckin
2022-05-10 02:21:04	http://198.12.89.207/355/vbc.exe	Offline	32 exe Loki	zbetcheckin
2022-05-10 02:16:04	http://198.12.89.207/650/vbc.exe	Offline	32 exe Loki	zbetcheckin
2022-05-09 19:13:03	http://198.12.89.207//650/vbc.exe	Offline	Loki	Anonymous
2022-05-09 14:33:08	http://198.12.89.207/500/vbc.exe	Offline	exe Loki opendir	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2022-05-13 14:54:04	e38fb5927d31bd995b57bd8cdd7ecbdca3bc717d11ba9e5d17cdd1c04fbda472	exe	Loki
2022-05-13 01:55:47	1778e1dbcacd573f9dcbc83f0513fe410d15a1af8ae9fbd2f6e4e65679115d7d	exe	Loki
2022-05-12 17:26:04	434e76f577ffcd5513d95da9adce03abd7eacd4dfe4ff8c320d9a8fe18b0c380	exe	Loki
2022-05-12 07:14:04	ad803880dbb40f2776e5e149ebce583a1eee4a8628d34849bb72923d42529076	exe	Loki
2022-05-12 07:14:03	de5cb159429d3332cb3982c2f8fd4354942e756b73fb0f8b05d47c3b7306091e	exe	Loki
2022-05-10 23:45:48	21250461884af7cdce99729c8ea5fe2aaaa1250b715a9c26899a97d9e05829f1	exe	Loki
2022-05-10 23:34:46	9b7c9b230e6ebdb3a92ef55e153d76a3186555560cb26be387604f02b214050e	exe	Loki
2022-05-10 15:36:02	b9259b9f9dd1799176d3087de845091333bf64eac6fa0573d6676ee305885899	exe	Loki
2022-05-10 15:03:04	0160e6f20b6dd8840c7cc06c1b7182b42cd711181270f70419f7df38d62c9304	exe	Loki
2022-05-10 15:03:04	2f09e405b151f6b622d7c5fe91acaca861f3162ca65043eeae7e923ca8aa850c	exe	Loki
2022-05-10 02:22:04	cab06987f5b99ad86c8c6313cd3dea4f79f1f0bb770a04d9eb49955db3e0ad11	exe	Loki
2022-05-10 02:21:04	6f30388f6aba33a392c7bda0885ec1ea19bf6ccec825f94b779650f672f1304c	exe	Loki
2022-05-10 02:16:04	f210d157f0062616aa15217ac80b6dec2cdb9cd1c4eb35a8501349a88ad39d81	exe	Loki
2022-05-10 00:08:21	f210d157f0062616aa15217ac80b6dec2cdb9cd1c4eb35a8501349a88ad39d81	exe	Loki
2022-05-09 19:13:03	f29fa4b5dac695e0ceff091a8679c94129387f2a03aac03d011db98229bb6166	exe	Loki
2022-05-09 14:33:04	4d05ed5d5deea64d74e00dd818f36afe2b7fa7effe971cab1aed950cc1976871	exe	Loki