URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	84.247.147.214
Firstseen:	2024-11-08 07:14:04 UTC
Total malware sites :	21
Online malware sites :	0 (0%)
Offline Malware sites :	21 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2024-11-08 07:14:08	84.247.147.214	vmi2068299.contaboserver.net	Not listed	AS141995 CAPL-AS-AP	SG	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2024-12-27 09:40:24	http://84.247.147.214:8080/gs-netcat.zip	Offline	malware opendir	Joker
2024-12-27 09:40:24	http://84.247.147.214:8080/wp.exe	Offline	malware opendir	Joker
2024-12-27 09:40:16	http://84.247.147.214:8080/LaZagne.exe	Offline	Lazagne malware opendir	Joker
2024-12-27 09:40:12	http://84.247.147.214:8080/res1	Offline	base64-loader malware opendir	Joker
2024-12-27 09:40:12	http://84.247.147.214:8080/mimikatz.exe	Offline	malware mimikatz opendir	Joker
2024-12-27 09:40:11	http://84.247.147.214:8080/final.exe	Offline	malware meterpreter opendir	Joker
2024-12-27 09:40:10	http://84.247.147.214:8080/Akagi64.exe	Offline	malware opendir	Joker
2024-12-27 09:40:10	http://84.247.147.214:8080/wp.bat	Offline	malware opendir	Joker
2024-12-27 09:40:10	http://84.247.147.214:8080/gp.exe	Offline	GodPotato malware opendir	Joker
2024-12-27 09:40:10	http://84.247.147.214:8080/Akagi32.exe	Offline	malware opendir	Joker
2024-12-27 09:40:09	http://84.247.147.214:8080/invokemimi.ps1	Offline	malware opendir	Joker
2024-12-27 09:40:09	http://84.247.147.214:8080/py.js	Offline	malware opendir	Joker
2024-12-27 09:40:07	http://84.247.147.214:8080/invokelz.ps1	Offline	malware opendir	Joker
2024-12-27 09:40:07	http://84.247.147.214:8080/invokepe.ps1	Offline	malware opendir	Joker
2024-12-27 09:40:06	http://84.247.147.214:8080/IPv4NetworkScan-obs.ps1	Offline	malware opendir	Joker
2024-12-27 09:40:06	http://84.247.147.214:8080/IPv4NetworkScan.ps1	Offline	malware opendir	Joker
2024-12-27 09:40:06	http://84.247.147.214:8080/_BsO7Pc4leIEmwdV.ps1	Offline	malware opendir	Joker
2024-12-27 09:40:06	http://84.247.147.214:8080/test1.ps1	Offline	malware opendir	Joker
2024-12-27 09:40:06	http://84.247.147.214:8080/IPv4PortScan.ps1	Offline	malware opendir	Joker
2024-12-27 09:40:06	http://84.247.147.214:8080/BsO7Pc4leIEmwdV_.ps1	Offline	malware opendir	Joker
2024-11-08 07:14:08	http://84.247.147.214:8080/BsO7Pc4leIEmwdV.ps1	Offline	c2 opendir	abus3reports

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2024-12-27 09:40:24	6bae85b323adb872a5de775c896c26df6580cbf13dec97abb14c07ca81691d90	exe
2024-12-27 09:40:24	cbbead3b9a7ca5f38ef307b5d42a08cf5344b64f0a149d629b33a9be7fb484a1	zip
2024-12-27 09:40:16	467e49f1f795c1b08245ae621c59cdf06df630fc1631dc0059da9a032858a486	exe	LaZagne
2024-12-27 09:40:11	92804faaab2175dc501d73e814663058c78c0a042675a8937266357bcfb96c50	exe	MimiKatz
2024-12-27 09:40:11	f0efb83890bf42f117c6742adba3bb84574f7ad35d2066c3e2b542bd6c5b10c6	txt
2024-12-27 09:40:10	aec454e782edd3918d12941ea71d35785a50697f67befeb78e6edcf10222df13	exe
2024-12-27 09:40:10	7e20954e85bea8a9618e484baf07d0063d8934305e27e5456a4be895b34a0e1f	exe	GodPotato
2024-12-27 09:40:10	c4763326f599868a7db6fa708553ba637fbd36323763dc831698538cd404f32b	bat
2024-12-27 09:40:10	9870e7f6b70a105c0474662f4db31038f5eaa0ae57d6ebb7e55f3806e0eca33b	exe
2024-12-27 09:40:10	c7265f67b7e2a9697525cc6da6501fdaa8e9a4dadd6322619b7b0ca6a5f24150	exe	Meterpreter
2024-12-27 09:40:09	41451f9d62f9eb4cf21d50e896c7fd28e18a84f45ebe914285599a69ec79f7f5	json