URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	213.227.155.16
Firstseen:	2022-10-10 14:09:03 UTC
Total malware sites :	1

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2022-10-10 14:09:05	213.227.155.16		Not listed	AS60781 LEASEWEB-NL-AMS-01	NL	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-10-10 14:09:05	http://213.227.155.16/underground.exe	Offline	DanaBot exe	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2022-10-10 20:24:46	9da0b7ee48275a3ef67234ed75a6734c2fdc6665b46c200bbefe961524664f9b	exe	DanaBot
2022-10-10 19:57:55	a3702861321d7fc87fbd84d5c374a7284162788cc5e7dea8fcba2f2ea719af74	exe	DanaBot
2022-10-10 18:25:44	38dfcac78145a49ef6a95a11657e76ad7e09b66fde692ccfd24ec099df5ac283	exe	DanaBot
2022-10-10 17:56:43	52bc53ad95ba364ac8452d055bac508effb16c540466a36c75486f07cfe57f83	exe	DanaBot
2022-10-10 16:48:54	bbb5ea5b5258fcd9a920e525af4ea3806f7d45733f4a675fbc5c0593cff2cb16	exe	DanaBot
2022-10-10 15:56:16	5bec061168fbe49fd997f510a4ced25534bf04cb36bc524767c0451dc4f51708	exe	DanaBot
2022-10-10 15:17:03	fe6e6d5a27213b800e118188f7e0375537ed109c2c5ded0c9e3915f70be64ed7	exe	DanaBot
2022-10-10 14:09:04	4c44dd2806d0afbe3f1472f9b19377661f8cb6f88f6053061982c4a263a57ae5	exe	DanaBot