URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	farsokim.de
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2018-06-20 11:42:01 UTC
Total malware sites :	11
Online malware sites :	0 (0%)
Offline Malware sites :	11 (100%)
A record(s) observed :	10

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-10-07 22:23:41	162.55.40.124	static.124.40.55.162.clients.your-server.de	Not listed	AS24940 HETZNER-AS	DE	yes
2025-04-27 13:43:53	185.53.177.50		Not listed	AS61969 TEAMINTERNET-AS	DE	no
2019-04-01 05:32:46	185.53.179.6		Not listed	AS61969 TEAMINTERNET-AS	DE	no
2019-04-05 06:39:46	185.53.178.9		Not listed	AS61969 TEAMINTERNET-AS	DE	no
2019-06-12 16:25:06	185.53.179.7		Not listed	AS61969 TEAMINTERNET-AS	DE	no
2019-02-07 12:39:59	91.195.240.126		Not listed	AS47846 SEDO-AS	DE	no
2019-02-01 08:15:12	72.52.4.119	a72-52-4-119.deploy.static.akamaitechnologies.com	Not listed	AS213120 PROLEXIC-IP-PROTECT	US	no
2019-02-01 08:46:49	91.195.240.240		Not listed	AS47846 SEDO-AS	DE	no
2018-12-26 22:49:48	46.4.217.114	static.114.217.4.46.clients.your-server.de	Not listed	AS24940 HETZNER-AS	DE	no
2018-06-20 11:42:03	91.121.86.137	brzeski.net	Not listed	AS16276 OVH	FR	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2018-10-17 11:47:03	http://farsokim.de/pim/vipp.exe	Offline	exe Pony	zbetcheckin
2018-10-17 11:41:04	http://farsokim.de/pim/ucca.exe	Offline	exe Pony	zbetcheckin
2018-10-10 11:15:03	http://farsokim.de/pim/fttp.exe	Offline	Pony	_nt1
2018-10-10 09:16:02	http://farsokim.de/pim/avg.exe	Offline	Pony	_nt1
2018-06-20 11:42:08	http://farsokim.de/ict/rose/order30495.exe	Offline	exe Loki	oppimaniac
2018-06-20 11:42:07	http://farsokim.de/ict/rose/S-order433.exe	Offline	exe Formbook Loki	oppimaniac
2018-06-20 11:42:07	http://farsokim.de/ict/rose/Calculator.jpeg	Offline	exe	oppimaniac
2018-06-20 11:42:06	http://farsokim.de/ict/rose/b-order.exe	Offline	exe Formbook Loki	oppimaniac
2018-06-20 11:42:05	http://farsokim.de/ict/rose/offer-6A4E3F.pdf.exe	Offline	exe Loki Pony	oppimaniac
2018-06-20 11:42:04	http://farsokim.de/ict/rose/offerorder.exe	Offline	exe Loki	oppimaniac
2018-06-20 11:42:03	http://farsokim.de/ict/rose/order433.exe	Offline	exe Loki Pony	oppimaniac

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2018-06-20 11:42:07	0993eee8eef5efee387f7940d2682ded81d883e59a529a531985812e50e43d3b	exe