URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	213.209.150.113
Firstseen:	2025-08-20 12:10:06 UTC
Total malware sites :	25
Online malware sites :	0 (0%)
Offline Malware sites :	25 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-08-20 12:10:12	213.209.150.113		Not listed	AS2856 BT-UK-AS	DE	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2025-08-20 16:12:08	http://213.209.150.113/files/341953163/1gbaAn2.bat	Offline	c2-monitor-auto DarkVisionRAT dropped-by-amadey	c2hunter
2025-08-20 15:12:11	http://213.209.150.113/files/7596020081/AUjCn3t...	Offline	c2-monitor-auto dropped-by-amadey	c2hunter
2025-08-20 15:11:12	http://213.209.150.113/files/801193963/114wZ2y.exe	Offline	Amadey c2-monitor-auto dropped-by-amadey	c2hunter
2025-08-20 13:24:10	http://213.209.150.113/files/8042875554/6Rc9W1x...	Offline	c2-monitor-auto dropped-by-amadey QuasarRAT	c2hunter
2025-08-20 13:17:07	http://213.209.150.113/files/7127454373/Zxr2QtI...	Offline	c2-monitor-auto Chaos dropped-by-amadey	c2hunter
2025-08-20 12:32:26	http://213.209.150.113/files/1229664666/8ihVFH8...	Offline	c2-monitor-auto dropped-by-amadey	c2hunter
2025-08-20 12:32:24	http://213.209.150.113/files/7767269296/hpPbN0Z...	Offline	c2-monitor-auto dropped-by-amadey LummaStealer	c2hunter
2025-08-20 12:32:23	http://213.209.150.113/files/7125646839/i0q3uva...	Offline	c2-monitor-auto dropped-by-amadey LummaStealer	c2hunter
2025-08-20 12:32:22	http://213.209.150.113/files/1509384686/NW1JmQQ...	Offline	c2-monitor-auto dropped-by-amadey LummaStealer	c2hunter
2025-08-20 12:32:17	http://213.209.150.113/files/7886909490/z8ot0Fy...	Offline	c2-monitor-auto dropped-by-amadey Stealc	c2hunter
2025-08-20 12:32:17	http://213.209.150.113/files/6331503294/wIiwRJJ...	Offline	c2-monitor-auto dropped-by-amadey	c2hunter
2025-08-20 12:32:15	http://213.209.150.113/files/271085713/Y3WxsSs.exe	Offline	c2-monitor-auto dropped-by-amadey	c2hunter
2025-08-20 12:32:15	http://213.209.150.113/files/5296057416/Tse2E3k...	Offline	c2-monitor-auto dropped-by-amadey Stealc	c2hunter
2025-08-20 12:32:13	http://213.209.150.113/files/740061926/bLGj4G0.exe	Offline	c2-monitor-auto dropped-by-amadey gcleaner	c2hunter
2025-08-20 12:32:13	http://213.209.150.113/files/7453936223/RenT7Wg...	Offline	c2-monitor-auto dropped-by-amadey LummaStealer	c2hunter
2025-08-20 12:32:13	http://213.209.150.113/files/5638395652/yhxBBcU...	Offline	c2-monitor-auto dropped-by-amadey LummaStealer	c2hunter
2025-08-20 12:32:13	http://213.209.150.113/files/7610129705/jh8ta1W...	Offline	c2-monitor-auto dropped-by-amadey RedLineStealer	c2hunter
2025-08-20 12:32:13	http://213.209.150.113/files/5254702106/trvb3cO...	Offline	c2-monitor-auto dropped-by-amadey Stealc	c2hunter
2025-08-20 12:32:13	http://213.209.150.113/files/1509384686/SJovRNE...	Offline	c2-monitor-auto dropped-by-amadey LummaStealer	c2hunter
2025-08-20 12:32:12	http://213.209.150.113/files/6361558956/qwcFbW4...	Offline	c2-monitor-auto dropped-by-amadey N-W0rm	c2hunter
2025-08-20 12:32:12	http://213.209.150.113/files/8434554557/M6XCVER...	Offline	c2-monitor-auto dropped-by-amadey PureLogsStealer	c2hunter
2025-08-20 12:10:23	http://213.209.150.113/files/unique2/random.exe	Offline	c2-monitor-auto dropped-by-amadey gcleaner	c2hunter
2025-08-20 12:10:18	http://213.209.150.113/files/7596020081/E5pj38A...	Offline	c2-monitor-auto dropped-by-amadey	c2hunter
2025-08-20 12:10:12	http://213.209.150.113/files/fate/random.exe	Offline	c2-monitor-auto dropped-by-amadey LummaStealer	c2hunter
2025-08-20 12:10:12	http://213.209.150.113/luma/random.exe	Offline	c2-monitor-auto dropped-by-amadey LummaStealer	c2hunter

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2025-08-20 19:05:05	1baebf4eace8dda9bfa0acc7516b4633712fdefa92f0563ef99084c5c75e74cf	exe	GCleaner
2025-08-20 16:12:08	c84cf393fe6d5c8157a4d899a2a658ad2e95df67891d77108ab3be5ce7e01f9b	bat	DarkVisionRAT
2025-08-20 15:12:11	040570be620da2c9a902e03b11de64c75d85ffd37ee6ae1d504e6144d6ade483	exe
2025-08-20 15:11:11	c1fcdbc77e5ab2ebfbf3bd0adc2d81bd64ed2dfdacccfea9783003cf950ac36b	exe	Amadey
2025-08-20 14:28:00	04651b5ea2f5abd76dfffd4630d54ca23bf2a3c30f53e4ccc213f0f669b7e834	exe	GCleaner
2025-08-20 13:57:33	96024042d0dea1ab62db489fba07834dced65fe1e2d09b33ccdc41c388d11609	exe	LummaStealer
2025-08-20 13:24:10	d77857e39d36842225e58a9d5977d73c86e5158858225a92ec16b2f2ca522fe3	bat	QuasarRAT
2025-08-20 13:17:07	12e3e2892fe31aab9eec0986e106cf2c0ad1fa9fe162dcd2cd7eb1ef3327e96c	exe	Ransomware.Chaos
2025-08-20 12:32:25	cf0e7668679342b05b807f28784c101a1b95b0a314ffdf4e8ab426a77e573d83	exe
2025-08-20 12:32:24	a76bf1e070fc6280d698e8a413c0d258df4ad2024525896700a138b51cba20cc	exe	LummaStealer
2025-08-20 12:32:23	4a6f6df6942d41b1e9ae60a661ea7fb828563638dedf57af3c26720d99c49ed1	exe	LummaStealer
2025-08-20 12:32:22	aca862498dc80512772af2d41368322b102d3d34fbb7538436ec8881b17c217d	exe	LummaStealer
2025-08-20 12:32:17	b614be79d0c6b529345bf056ca1201bc1ffdba0d85677c648297a993706b5498	exe	Stealc
2025-08-20 12:32:16	2dbe6dcda7e8c51276da7c5635cd52fb044cfb2278b7d3c3f045d4037249245e	exe
2025-08-20 12:32:15	adfb54bc178bd596a6d011a2dcd782cffe3e7bb37cbd07d1ac5daaaf307094ff	exe	Stealc
2025-08-20 12:32:13	353bb7ff551cc81d11dd41b3ac03084ab2ce72a86099a6010a9ac5d6a67cc5d0	exe	GCleaner
2025-08-20 12:32:13	92f4fdda0cd9f0b734c3f68cec7e7cf72dd0e2ee740c63eca63ddbb560f2ed53	exe
2025-08-20 12:32:13	2371b0a66328458ddff16721811d686dff6e689139a21ef76bd67e2b7e291e25	exe	LummaStealer
2025-08-20 12:32:13	e15886e3c6af9edae546b18f8cce879de2773538cebd598748af924db890da40	exe	LummaStealer
2025-08-20 12:32:13	e12ee7f81b36119f286b0aef02de51905a17c14433a37439f089e07baf3044ce	exe	RedLineStealer
2025-08-20 12:32:13	8441f8b903c676d468bb0b0c07d699cb98df153cc50b4ac566e7ab95293cd2db	exe	Stealc
2025-08-20 12:32:12	aca862498dc80512772af2d41368322b102d3d34fbb7538436ec8881b17c217d	exe	LummaStealer
2025-08-20 12:32:12	765bd0d1ba46da4d04c560ecdac0c0a1b8ab1dc9fd3665de59bced81cdb43712	exe	N-W0rm
2025-08-20 12:32:12	eb49eee9fa02595b47f911c3148fa04d53cd72e11ff88e86f6e868e795a8bfca	exe	PureLogsStealer
2025-08-20 12:10:23	050f2713c672fef785c006ad7243e5ed913fa5a396cb2739f0ceaf1ddadadaa0	exe	GCleaner
2025-08-20 12:10:11	44ae36e347284bf332e319d0dfff30bcd0ebcfa1eec1ae5741f32464bd2e5cc0	exe	LummaStealer
2025-08-20 12:10:09	099250469c23007b02b117b43e6a1b29d24944eebb4c12b0cdc553556d414ca8	exe	LummaStealer