URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: levstik.si
Domain registrar: n/a
Domain registration date:2005-04-04 00:00:00 UTC
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Control D HaGeZi :Not blocked
Firstseen:2023-06-13 17:52:40 UTC
Total malware sites :1
A record(s) observed :2

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2025-04-27 15:56:22 185.53.12.130sh5.hostko.netNot listedAS41828 TELEMACH-HOSTING- SIyes
2023-06-13 17:52:44 185.53.12.185rs4.dnserv.comNot listedAS41828 TELEMACH-HOSTING- SIno

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2023-06-13 17:52:44https://levstik.si/eeud/OfflineBB32 geofenced js Qakbot ext Quakbot ext USA Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2023-06-15 14:52:564971fe4eb9041c1f1160164b7cfb8ac0d30bd3ae0844f8656d7f2d172071a321zip Quakbot
2023-06-15 14:39:47ed76eaf7bb91a031196085e045a6613da93259220ea53cec067c53971f80a5d1zip Quakbot
2023-06-15 12:42:10aa520c37c5f1fd3999506682853c10d51b002efe4ab188c3b451f541bb6eb286js Quakbot
2023-06-15 10:58:029a54d17ca7f8f94b84d92540e1aa1309372cf2f6525e8214bc19f0fdc6050633js Quakbot
2023-06-15 10:09:40542e6dd9dce2a281fd377b239f430841a53361ceedd91f0e5d05305a4c0a899bjs Quakbot
2023-06-15 07:19:36bd4e86a053e47a93363df7ef0521eafac518744761d922332b9c6f4df1688ba2js  
2023-06-14 17:56:11284d31778397f63491319568d47106697d94cecd2e43fcaf4883ddfa22c7bf33js Quakbot
2023-06-14 13:34:5837c6b428c6dac5415c0b35410a7aced9d2053d27b962431df24c4173c93f8523js Quakbot
2023-06-14 12:26:26bae63014222c445f1035e6d96c15f407e41825807e0ce8cce7057fff2a0242c7js  
2023-06-14 11:30:11bc64caf34f92e2e6f063ced2c6d9e82ecfab18b7aeee5767de6094fd960d23aajs Quakbot
2023-06-14 10:58:532ecf8ad3e38853c6374d0727cac60b889e5e35bd8161a5106f70870be251998ajs Quakbot
2023-06-14 09:39:507fb0d0d006fb2d1a05576482a1acdfdd21d674d14f989933f67a5d2f594c7b30js  
2023-06-14 07:24:16cf5e705de667060a6d8c5e53199214b73014eb8edf55374ff86403221452b37ejs Quakbot
2023-06-14 06:13:31fce346ef00b16381bb4a419671d8c9d2ba9ebfcf2e33f7656cc401d821acc06cjsQuakbot
2023-06-14 05:57:156e86f26862c886b01d7e28e34077d50ee7d167a4a5925ad9932469d5b12f2622js Quakbot
2023-06-14 04:29:31c6b4767af4977fbaa9c568a5647ec17d3fb56ccd5d7e042eec576ea7e2af954cjs Quakbot
2023-06-14 04:13:0688285aeeb72a8951140bc0236c733ebec023b3eb03c55ba49979003c46300b11js 
2023-06-14 03:34:52452928a08c9474e6ffe308a9952ee43ff38c8a8fcec9f14b1cd8dc5c10c9d26fjs  
2023-06-14 02:38:54faf4254fb0b769d95733e7d0742a6087db84c8f33a59965427e9d14aa4290e59js 
2023-06-14 01:57:457065e4c6d3f55f711d6212a95a634d74296bf2b391f5b1cd8b211c0bd09ec128js Quakbot
2023-06-14 00:35:37d086817161f6de425186882105a50b7da2366a6ed0b8e1b1b3a4fce11081e987js  
2023-06-13 21:38:2327caea170dece7169f1c5d9778c4c23a6b2d1e05518aa8b5f643349f20ae0ab9js Quakbot
2023-06-13 20:37:3585aa6a26b394da306e21260aa86bb2f36550ead1086c06ffed11cd86c214cbe2jsQuakbot
2023-06-13 19:42:1438972f9749b0ad71a1c45e7911373b3f2d6f10dc344045a3a60a1685339c4554js Quakbot
2023-06-13 17:52:4432bfa79c01a1407a4197982364340603a7d06cee692fe4d8db9d89e1accba9d5js Quakbot