URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	198.55.98.29
Firstseen:	2025-06-02 07:23:03 UTC
Total malware sites :	20
Online malware sites :	0 (0%)
Offline Malware sites :	20 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-06-02 07:23:06	198.55.98.29	unassigned.quadranet.com	Not listed	AS36352 AS-COLOCROSSING	US	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2025-08-19 05:21:22	http://198.55.98.29/FF/LEE.zip	Offline		abuse_ch
2025-08-19 05:21:21	http://198.55.98.29/F5/XZCAFWERFS.zip	Offline		abuse_ch
2025-08-19 05:21:19	http://198.55.98.29/F5/WAS.zip	Offline		abuse_ch
2025-08-19 05:21:04	http://198.55.98.29/fod4/slyy.txt	Offline		abuse_ch
2025-08-19 05:21:04	http://198.55.98.29/FF/STEINNNN.zip	Offline		abuse_ch
2025-08-19 05:21:04	http://198.55.98.29/host2/newrem.exe	Offline		abuse_ch
2025-08-19 05:21:04	http://198.55.98.29/FF/JAYSMTP.txt	Offline		abuse_ch
2025-08-19 05:21:04	http://198.55.98.29/FF/stein.txt	Offline		abuse_ch
2025-08-19 05:21:04	http://198.55.98.29/fod4/blaqq.txt	Offline		abuse_ch
2025-08-19 05:21:04	http://198.55.98.29/FF/JAYYY.zip	Offline		abuse_ch
2025-08-19 05:21:04	http://198.55.98.29/FF/VXVXH6.zip	Offline		abuse_ch
2025-08-19 05:21:04	http://198.55.98.29/FF/stein.exe	Offline		abuse_ch
2025-08-19 05:21:04	http://198.55.98.29/fod4/stein.txt	Offline		abuse_ch
2025-08-19 05:21:04	http://198.55.98.29/FF/LEWILL.txt	Offline		abuse_ch
2025-07-04 13:14:10	http://198.55.98.29/HOST/BM.ps1	Offline	RemcosRAT	abuse_ch
2025-07-04 13:14:06	http://198.55.98.29/HOST/VZXCHH66.exe	Offline	xworm	abuse_ch
2025-06-09 10:03:06	http://198.55.98.29/host/jaybin.txt	Offline		abuse_ch
2025-06-09 10:02:05	http://198.55.98.29/host/jayy.ps1	Offline	AgentTesla	abuse_ch
2025-06-02 07:24:05	http://198.55.98.29/HOST/RJHCTY.zip	Offline	opendir zip	abuse_ch
2025-06-02 07:23:06	http://198.55.98.29/HOST/Jay.exe	Offline	AgentTesla exe opendir	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2025-07-04 13:14:10	f9bd19c655925156ff85315a7cec012222645c1d7df44d158d825fe401ee05e8	txt	RemcosRAT
2025-07-04 13:14:06	2381f61d5ada36de3f22577f1ae6837376aea8d70a02689385279ae82fa45490	exe	XWorm
2025-06-09 10:03:06	f073db175f886725e2660bbe698d62bb1942ae46271bc77a39303849ba0d1bc8	txt
2025-06-09 10:02:05	50cafb28d504f881a77e616985d31d42045d62835ddb84809792242e2b119573	txt	AgentTesla
2025-06-02 07:24:05	41fbc8c35e48558a7c64a47a61daec0b15b0fa88c52c03b7b85bbea49ba4140e	zip
2025-06-02 07:23:05	8bcb187f819fcc548a72d990a6e2a13cc71c732285895de5138ef4af306f638d	exe	AgentTesla