URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	104.168.33.25
Firstseen:	2022-05-10 15:05:04 UTC
Total malware sites :	14
Online malware sites :	0 (0%)
Offline Malware sites :	14 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2022-05-10 15:05:06	104.168.33.25	104-168-33-25-host.colocrossing.com	Not listed	AS36352 AS-COLOCROSSING	US	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-07-07 15:25:10	http://104.168.33.25/80/sms.exe	Offline		Anonymous
2022-07-07 15:25:04	http://104.168.33.25/99/aj.exe	Offline		Anonymous
2022-06-09 11:12:05	http://104.168.33.25/90/fm.exe	Offline	exe Formbook opendir	abuse_ch
2022-06-09 11:12:04	http://104.168.33.25/66/pvc.exe	Offline	exe Formbook opendir	abuse_ch
2022-05-31 13:29:04	http://104.168.33.25/mof/moo.exe	Offline	32 exe Formbook	zbetcheckin
2022-05-31 08:41:04	http://104.168.33.25/ss/ip.exe	Offline	32 exe Formbook	zbetcheckin
2022-05-20 12:37:06	http://104.168.33.25/tt/tv.exe	Offline	exe Formbook opendir	abuse_ch
2022-05-20 12:37:05	http://104.168.33.25/one/six.exe	Offline	exe Formbook opendir	abuse_ch
2022-05-19 15:54:10	http://104.168.33.25/ss/vc.exe	Offline	exe Formbook opendir	abuse_ch
2022-05-19 13:59:05	http://104.168.33.25/ice/vbc.exe	Offline	exe Formbook opendir	abuse_ch
2022-05-17 09:13:04	http://104.168.33.25/bbc/vbc.exe	Offline	exe Formbook opendir	abuse_ch
2022-05-13 14:55:04	http://104.168.33.25/gtb/vbc.exe	Offline	exe Formbook opendir	abuse_ch
2022-05-12 18:41:04	http://104.168.33.25/800/vbc.exe	Offline	exe Formbook opendir	abuse_ch
2022-05-10 15:05:06	http://104.168.33.25/50/vbc.exe	Offline	exe Formbook opendir	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2022-06-09 11:12:05	39da82f6a59b141c14da6d9af6677d0358521bc6aaab84c73b6f77df231962d8	exe	Formbook
2022-06-09 11:12:04	fdd812c1bced30628de1b29a4b2f66f0f62d507d4719674a98b40995094017d5	exe	Formbook
2022-05-31 13:29:04	aaa0dfb3ef0970fb0d4437de50371e20e4c8563051c90a63334964a9cd454749	exe	Formbook
2022-05-31 09:32:42	4111a65993a5f0b32a930fdca8b4e07b47b9dd63e5e81bb102819ffacf17ef84	exe	Formbook
2022-05-31 08:41:04	4f1763ec9c70f7a1c4eb624dfb41e888d95fe0ece92d694977f7a3bd8b24bd1a	exe	Formbook
2022-05-20 12:37:06	ddefebb59f9e4b8fc00e13686024f829fbc7d82a2b0d07fd29748071708a5850	exe	Formbook
2022-05-20 12:37:05	682629e9b965b64912c262031e640de0b18c637b392df618db5775b8bef53ef4	exe	Formbook
2022-05-19 15:54:10	b4959f6906cb2816453fd47b371ff016bd899bc9a4e4161e06b80ee64a9f7fc5	exe	Formbook
2022-05-19 13:59:05	2c33c5bc5ff734e08441f0ae726f6a05bdc9aedf06d989767f3283c0ece448a3	exe	Formbook
2022-05-17 09:13:04	be44388c1d6cb611f833ee2a52ba342d542bd4ce6da7f4d87a013094fe200eea	exe	Formbook
2022-05-13 14:55:04	752d0155c769033832d6845eabba29bce2b9d0eedff734b31a49c879ed08ff72	exe	Formbook
2022-05-12 18:41:04	9c7e2362b268b00fc075126a7e40318156cfbe5ef35fa9d7f28ed4e2bca9b35a	exe	Formbook
2022-05-10 15:05:05	56f0926377455c42b13e8235983ec0c4a2a1bdefc68a712d7e9374ab67af108d	exe	Formbook