URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: androidapk.ovh
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Blocked
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Not blocked
Control D HaGeZi :Not blocked
Firstseen:2021-08-28 05:05:03 UTC
Total malware sites :1
A record(s) observed :22

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2022-01-02 20:04:44 51.72.12.94Not listedAS16509 AMAZON-02- DEno
2021-12-31 19:43:59 60.171.21.94Not listedAS4134 CHINANET-BACKBONE- CNno
2021-12-26 15:52:03 65.22.91.127Not listedAS207266 AFiLIAS-SECONDARY-DNS- USno
2021-12-15 21:20:41 61.3.92.184Not listedAS9829 BSNL-NIB- INno
2021-11-25 19:16:21 211.125.73.22Not listedAS7506 MAINT-JPNIC- JPno
2021-11-24 01:40:45 116.203.98.140static.140.98.203.116.clients.your-server.deNot listedAS24940 HETZNER-AS- DEno
2021-11-02 03:44:42 62.57.84.3362.57.84.33.dyn.user.ono.comNot listedAS6739 ONO-AS- ESno
2021-10-30 03:24:31 96.14.88.17Not listedAS22394 CELLCO- USno
2021-10-14 00:40:37 52.82.211.17Not listedAS135629 WESTCLOUDDATA- CNno
2021-10-10 11:50:54 62.168.73.17f0-48.sgh2.sh.gtsi.skNot listedAS5578 AS-BENESTRA- SKno

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2021-08-28 05:05:04http://androidapk.ovh/q.exeOffline32 exe QuasarRAT ext zbetcheckin

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2021-08-28 05:05:0322fdaddfc72a9e1bdfca54d70170db8a82c176fd633fa3a76125961e975369f4exe QuasarRAT