URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry


Host: 216.119.126.23
Firstseen:2025-12-08 15:05:06 UTC
Total malware sites :4
Online malware sites :3 (75%)
Offline Malware sites :1 (25%)
Newest active malware site :2026-02-14 19:19:05 UTC
Oldest active malware site :2026-01-01 12:53:15 UTC (Age: 1 month, 29 days, 10 hours, 30 minutes)

IP addresses


The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2025-12-08 15:05:08 216.119.126.23Not listedAS14992 CRYSTALTECH- USyes

Malware URLs


The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2026-02-14 19:19:05https://216.119.126.23/old_backup/Onlinecensys ClickFix ClickFix-cc html NDA0E
2025-12-08 15:05:08http://216.119.126.23OfflineUnknown Stealer threatquery

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2026-02-14 19:19:053e92ba1d0f82cda438e319b9604fe7db5e07430baba09d68848277eb8dc88f51html  
2026-01-13 19:19:0737f58d066d6674cc17e3b7b8ad7d8188a910eaef865f4b2a574a52427c50447bhtml  
2026-01-13 14:49:5337f58d066d6674cc17e3b7b8ad7d8188a910eaef865f4b2a574a52427c50447bhtml  
2026-01-13 01:55:56b730f57157e286a19cf429d84997cc7280a7a57a00b9914574f2da39f99fc0a0html  
2026-01-12 23:34:33fa6b4022305bd8f13c6fd0dcf4cdc90bd8004ea6e538f9b740933b71d3ff07d1html  
2026-01-01 12:53:163e92ba1d0f82cda438e319b9604fe7db5e07430baba09d68848277eb8dc88f51html  
2026-01-01 12:53:153e92ba1d0f82cda438e319b9604fe7db5e07430baba09d68848277eb8dc88f51html