URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry


Host: 31.210.20.6
Firstseen: 2021-05-04 16:10:03 UTC
Total malware sites: 25
Online malware sites: 0 (0%)
Offline malware sites: 25 (100%)

IP addresses


The table below shows all IP addresses observed for this particular host (in case the host is a domain name, all A records will be listed, including all historical ones). Please note that the output is limited to 10 entries.

Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active?
2021-05-04 16:10:04 | 31.210.20.6 | | Not listed | AS14178 Megacable_Comunicaciones_de_Mexico_S.A._de_C.V. | MX | yes

Malware URLs


The table below shows all malware URLs that are associated with this particular host.


The table below shows recent payloads delivered by this host.
