URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	95.214.24.120
Firstseen:	2022-08-30 13:01:03 UTC
Total malware sites :	41
Online malware sites :	0 (0%)
Offline Malware sites :	41 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2022-08-30 13:01:03	95.214.24.120		Not listed	AS215873 tods-it	IT	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-10-10 08:46:06	http://95.214.24.120/C/fire.txt	Offline	ascii Encoded opendir	abuse_ch
2022-10-10 08:46:06	http://95.214.24.120/C/john.txt	Offline	ascii Encoded opendir	abuse_ch
2022-10-10 08:46:06	http://95.214.24.120/C/pa.txt	Offline	ascii Encoded opendir	abuse_ch
2022-10-10 08:46:05	http://95.214.24.120/C/babad.txt	Offline	ascii Encoded opendir	abuse_ch
2022-10-10 08:46:05	http://95.214.24.120/C/uzoo.txt	Offline	ascii Encoded opendir	abuse_ch
2022-10-10 08:46:05	http://95.214.24.120/C/ham.txt	Offline	ascii Encoded opendir	abuse_ch
2022-10-10 08:46:05	http://95.214.24.120/C/cool1.txt	Offline	ascii Encoded opendir	abuse_ch
2022-10-10 08:46:05	http://95.214.24.120/C/dbili.txt	Offline	ascii Encoded opendir	abuse_ch
2022-10-10 08:46:05	http://95.214.24.120/C/ugo.txt	Offline	ascii Encoded opendir	abuse_ch
2022-10-10 08:46:05	http://95.214.24.120/C/ezef.txt	Offline	ascii Encoded opendir	abuse_ch
2022-10-10 08:46:05	http://95.214.24.120/C/fineof.txt	Offline	ascii Encoded opendir	abuse_ch
2022-10-10 08:46:05	http://95.214.24.120/C/mrloga.txt	Offline	ascii Encoded opendir	abuse_ch
2022-10-10 08:46:05	http://95.214.24.120/C/jj.txt	Offline	ascii Encoded opendir	abuse_ch
2022-10-10 08:46:05	http://95.214.24.120/C/hamza.txt	Offline	ascii Encoded opendir	abuse_ch
2022-10-10 08:46:05	http://95.214.24.120/C/dikeaz.txt	Offline	ascii Encoded opendir	abuse_ch
2022-10-10 08:46:05	http://95.214.24.120/C/2.txt	Offline	ascii Encoded opendir	abuse_ch
2022-10-10 08:46:05	http://95.214.24.120/C/ec.txt	Offline	ascii Encoded opendir	abuse_ch
2022-10-10 08:46:04	http://95.214.24.120/C/yung2.txt	Offline	ascii Encoded opendir	abuse_ch
2022-10-10 08:46:04	http://95.214.24.120/C/dbili2.txt	Offline	ascii Encoded opendir	abuse_ch
2022-10-10 08:46:04	http://95.214.24.120/C/COOL2.txt	Offline	ascii Encoded opendir	abuse_ch
2022-10-10 08:46:04	http://95.214.24.120/C/fineboy.txt	Offline	ascii Encoded opendir	abuse_ch
2022-10-10 08:18:04	http://95.214.24.120/C/DLL.txt	Offline	ascii Encoded opendir rat RemcosRAT	abuse_ch
2022-10-10 08:17:04	http://95.214.24.120/C/HUZ.txt	Offline	ascii Encoded rat RemcosRAT	abuse_ch
2022-09-11 01:08:04	http://95.214.24.120/vect/yytdsghghdfb.exe	Offline	32 exe RemcosRAT	zbetcheckin
2022-09-01 10:28:04	http://95.214.24.120/vect/VBXCBCXVHGS.exe	Offline	AgentTesla exe opendir	abuse_ch
2022-09-01 10:26:04	http://95.214.24.120/vect/QQBVBZCHGJHSF.exe	Offline	AgentTesla exe	abuse_ch
2022-09-01 02:42:04	http://95.214.24.120/vect/VBCXVGHFDJ.exe	Offline	32 exe Formbook	zbetcheckin
2022-08-31 08:27:04	http://95.214.24.120/vect/NBXCJHDSD.exe	Offline	32 exe Formbook	zbetcheckin
2022-08-31 07:13:04	http://95.214.24.120/vect/DUTRFGbNG.exe	Offline	exe Formbook opendir	abuse_ch
2022-08-31 07:13:04	http://95.214.24.120/vect/dave.txt	Offline	ascii Encoded opendir	abuse_ch
2022-08-31 07:13:04	http://95.214.24.120/vect/DLLL.txt	Offline	ascii Encoded opendir	abuse_ch
2022-08-31 07:13:04	http://95.214.24.120/vect/BGTHPNHv.exe	Offline	exe opendir RemcosRAT	abuse_ch
2022-08-31 07:13:04	http://95.214.24.120/vect/VXGFHDHHFG.exe	Offline	exe opendir RemcosRAT	abuse_ch
2022-08-31 07:13:04	http://95.214.24.120/vect/BNCHHVGHJHJK.exe	Offline	exe Formbook opendir	abuse_ch
2022-08-31 07:13:03	http://95.214.24.120/vect/QQPPLOGGCDH.exe	Offline	exe Formbook opendir	abuse_ch
2022-08-31 07:13:03	http://95.214.24.120/vect/NBCXHGGHJDF.exe	Offline	AgentTesla exe opendir	abuse_ch
2022-08-31 07:13:03	http://95.214.24.120/vect/davex.txt	Offline	ascii Encoded opendir	abuse_ch
2022-08-31 07:10:05	http://95.214.24.120/vect/NBCHGDGD.exe	Offline	AgentTesla exe opendir	abuse_ch
2022-08-31 00:14:04	http://95.214.24.120/vect/WTRGHXBHJX.exe	Offline	32 exe RemcosRAT	zbetcheckin
2022-08-31 00:13:04	http://95.214.24.120/vect/XXFHFHFHD.exe	Offline	32 exe Formbook	zbetcheckin
2022-08-30 13:01:03	http://95.214.24.120/vect/VNBCHJJDS.exe	Offline	exe Loki	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2022-10-10 08:46:06	d3416937c321e3419423a2fa65401d3cd6587105542fbd041d548c875d37e456	txt
2022-10-10 08:46:06	2b40bbe12da2ac6007954562b6410c9befe32b825cee75b619f6b58ee194e7fd	txt
2022-10-10 08:46:06	5cd984999bd8247605963dfaa79f5e20a7c9322bfe6545dac895efaf52a62b65	txt
2022-10-10 08:46:05	0b0b096a00937aad2e8328151248ff5debdcaaf6a4e8cf13c1ad11a7cd719982	txt
2022-10-10 08:46:05	de288a62f3ea95d850589ea2610d01bcf9323c68e905fe9df54ab084dd5c29d1	txt
2022-10-10 08:46:05	528f5b7784f9dfa744ad6dec27cee34803b807afe1bedd1a29bd83dfd7e06851	txt
2022-10-10 08:46:05	bbf07f5708d3325a1da73a180830fda474955ee1af090d9989ad826c4aff9504	txt
2022-10-10 08:46:05	25ace9ec9340b81313e3bbae01125f9098d5e2be55a51050983ec9a632d03ba6	txt
2022-10-10 08:46:05	63fc53b25d5477325abf9e8502fce8837b07df40804365a7040c08b0dd84f23c	txt
2022-10-10 08:46:05	313b54a0d3afbb4a39efa4639d46a3fdd48ec21b90a8200bfeffe4c73983f9c7	txt
2022-10-10 08:18:04	bb18aa9ba1f006ab946450177cc831f09c84ca83700801b60129b3ece191a1be	txt
2022-10-10 08:17:04	3ec76a34ba05254b8884a6235e8c7485ee86ec2ec46ad98f03dfe753e6f97ff9	txt
2022-09-11 01:08:04	e76cebc404b8a79e2ab806a3e501b9d2f7260ea1d12f804320c1130be205dff6	exe	RemcosRAT
2022-09-07 02:41:38	b5d606d86246cd40903e8b84d48c34633cbc8189a824bb412b9a0aea0c7232cf	exe
2022-09-07 02:31:22	f9d76905941238dcb8c1c30786fbad459fcc466de1409ff5b47571994f3328ff	exe
2022-09-01 19:34:50	4f2316b45197b7f4ed625123e43dd47056e026d2e6f79f47f7d2ccca2f012a49	exe	Loki
2022-09-01 10:28:04	006854d4623003bf6b98110f8c8108d97d475055511bd9d222b8d3bc6f39f8dc	exe	AgentTesla
2022-09-01 10:26:04	1f6e1758b123080556a5ee96779d9ef63f54f9af1d07d8a3cc8cff39c636b12b	exe	AgentTesla
2022-09-01 02:42:04	15eb688bffed96b0b324724e48b258dc6c6deb76d71310b26b01e1e12f26108c	exe	Formbook
2022-08-31 08:27:04	b47cf0eaed7e3798e77eaf01aac5783f2c03f7db7802a5215523d4ccdc631bc5	exe	Formbook
2022-08-31 07:13:04	86369d60c9f6b68598952379aaa9b0d3b7af84294b4aece68359552287d3456f	exe	Formbook
2022-08-31 07:13:04	fadbc6f814008e75bff67f36923f9e2fa2faf5312ac8243e80236f57a17e12c1	exe	RemcosRAT
2022-08-31 07:13:04	0065495640ca573d1528ef14bfc33d30e1a5542b95d05601fb1fc49de4bb64f7	exe	Formbook
2022-08-31 07:13:04	5baaa1bb5e6b51d0f7cad61124d33048c61376a2194ee68f7b0ee57697cd53a4	exe	RemcosRAT
2022-08-31 07:13:04	bd84bdb9d0b812c2bd9d130f302e660ff1dee4f57c43d2d81c6a8b9efbf093e4	txt
2022-08-31 07:13:04	9b73b7a3a2378e5e8d53919211b4168ca53c43b4026cc42b8d64be0bc4c0769c	txt
2022-08-31 07:13:03	2f177a146603287dc4b1c68c16495a01f87d5f0e60f84880d9b875da8ffbdee3	exe	Formbook
2022-08-31 07:13:03	277fce3b2d847d9d39886066c99013feb62399e5cb0fedbea2ce197f2c158157	exe	AgentTesla
2022-08-31 07:10:05	d534bb2cf15eb0efe9465b1b7cfddd2a34087210f11539b7fc4f2dd9e79a40f8	exe	AgentTesla
2022-08-31 00:14:04	4e24f18c609d04ba55264362e311e7536eda95872bf42a3327b7970f2b8eaacb	exe	RemcosRAT
2022-08-31 00:13:04	7d850c7483817ae91c6b6dde59c22141b754d04ec2e0985ffcd85b08f2e9ae58	exe	Formbook