URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	nkai.xyz
Domain registrar:	Namecheap
Domain registration date:	2022-03-18 00:38:43 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2022-06-10 09:10:04 UTC
Total malware sites :	6
Online malware sites :	0 (0%)
Offline Malware sites :	6 (100%)
A record(s) observed :	10

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-09-01 18:16:16	13.248.169.48	a904c694c05102f30.awsglobalaccelerator.com	Not listed	AS16509 AMAZON-02	US	yes
2025-09-01 18:16:16	76.223.54.146	a904c694c05102f30.awsglobalaccelerator.com	Not listed	AS16509 AMAZON-02	US	yes
2025-09-05 18:48:21	166.117.110.61		Not listed	AS16509 AMAZON-02	US	no
2025-09-05 18:48:21	99.83.161.153	a2b7bf3398455f345.awsglobalaccelerator.com	Not listed	AS16509 AMAZON-02	US	no
2025-08-14 08:55:14	150.95.255.38		Not listed	AS7506 MAINT-JPNIC	JP	no
2023-03-18 07:15:25	99.83.154.118	a51062ecadbb5a26e.awsglobalaccelerator.com	Not listed	AS16509 AMAZON-02	US	no
2022-06-13 10:53:48	103.179.142.206		Not listed	AS149440 EVOXTENTERPRISE-AS-AP	MY	no
2022-06-12 22:31:14	213.108.198.204		Not listed	AS216475 nktelecom	DE	no
2022-06-12 05:19:21	213.226.100.138	rentpoint.md	Not listed	AS209847 THE	MD	no
2022-06-10 09:10:05	45.153.229.148	vm1792585.stark-industries.solutions	Not listed	AS44559 ITHOSTLINE	SG	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-06-13 07:01:06	http://nkai.xyz/loader/uploads/gpi_Cqeqmqwr.png	Offline	encrypted	abuse_ch
2022-06-12 14:13:35	http://nkai.xyz/loader/uploads/tc_Ebnwovxv.jpg	Offline	encrypted XFilesStealer	abuse_ch
2022-06-10 12:55:05	http://nkai.xyz/VideoLAN.exe	Offline	exe XFilesStealer	zbetcheckin
2022-06-10 09:29:04	http://nkai.xyz/loader/uploads/rie_Xzxwcovi.bmp	Offline	exe	vxvault
2022-06-10 09:22:04	http://nkai.xyz/CDsupport.exe	Offline	exe XFilesStealer	vxvault
2022-06-10 09:10:05	http://nkai.xyz/loader/uploads/wg_Sjerqhmk.png	Offline	exe	vxvault

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2022-06-13 11:55:27	567eaab72d17c8164c2d934858814ef898833adced0614c33c77736504522917	exe		XFilesStealer
2022-06-13 11:35:48	533ab2aaa846d396f2071baa45a5c7ce854c091337fb3c9bd318e9457116987a	exe		XFilesStealer
2022-06-13 11:02:33	62634f23631064c759a0822294a57021fbe09f4a2a01de736c855f4b944aaaf9	exe		XFilesStealer
2022-06-13 07:55:53	1b88197613f1c501120d3452c20a264bc4f2596d9781975f9054b444dffccb46	unknown
2022-06-13 07:01:18	18fa042a8298f616967d396d1fd3dbcfb76b33612219e353089b9b6406a0a814	exe		XFilesStealer
2022-06-13 07:01:06	8cd431320d1e683bdba0338750f54abfa99ce86853ff632e65108ae77fd57213	unknown
2022-06-13 03:40:20	37b5363f6fd3b54a4498c1c585affd25f5a719ec552e91f4e1243ed344fd4575	exe		XFilesStealer
2022-06-12 05:19:20	3e092962b8b5793208b6268d616bd3ca63c64de3c6bf61fc63d1d4df3e69c014	exe		XFilesStealer
2022-06-11 01:31:07	aaa0c7639e9b89122640361b790330a3f2d615dbdcb5198c1edd8ae649e8da82	exe		XFilesStealer
2022-06-11 01:30:06	91ee7495202ee70917b54a58444f844455513ed4f743721a745abb6dd99e2315	exe		XFilesStealer
2022-06-11 00:52:10	11ae2e344df90b0498ef2a129063c02b47e6df3bf91ed1b3e6ea1cc30335f7c7	exe		XFilesStealer
2022-06-11 00:51:21	11ae2e344df90b0498ef2a129063c02b47e6df3bf91ed1b3e6ea1cc30335f7c7	exe		XFilesStealer
2022-06-10 20:04:10	f1891e8658060a83c1492303243e7176798fedb3ad23ef4235cb0a726dd36add	exe		XFilesStealer
2022-06-10 20:03:59	f1891e8658060a83c1492303243e7176798fedb3ad23ef4235cb0a726dd36add	exe		XFilesStealer
2022-06-10 12:55:05	1887989d168e18606bf175ddb1a83e6ca5af7eb2bcbd60be37e729ecd0ab8bb0	exe		XFilesStealer
2022-06-10 11:20:38	1887989d168e18606bf175ddb1a83e6ca5af7eb2bcbd60be37e729ecd0ab8bb0	exe		XFilesStealer
2022-06-10 09:54:58	c47d20e392d70f1791ee4dfc2fba5445f9ab2da0833f5a7f12b0461bdaeffd72	unknown
2022-06-10 09:32:32	1b88197613f1c501120d3452c20a264bc4f2596d9781975f9054b444dffccb46	unknown
2022-06-10 09:29:04	be593173b034eaa4f5a0f2d8e2cbc201a69ad35531b502e43bc3940546fa179f	unknown
2022-06-10 09:22:04	f5bb4fe0d4f2f4aaf604140cb41dbca8c8b7baee8229998a956be12ce5d01408	exe		XFilesStealer
2022-06-10 09:10:05	1fa746cd7647e22042e646b37fd3c9d3809bc0eaf500c714fd25a1900e7a2a27	unknown