URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | 104.168.33.68 |
|---|---|
| Firstseen: | 2022-06-07 00:53:03 UTC |
| Total malware sites : | 9 |
| Online malware sites : | 0 (0%) |
| Offline Malware sites : | 9 (100%) |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2022-06-07 00:53:06 | 104.168.33.68 | 104-168-33-68-host.colocrossing.com | Not listed | AS36352 AS-COLOCROSSING |  US | yes |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2022-07-07 15:25:38 | http://104.168.33.68/jjj/fil.exe/n/n | Offline | Anonymous | |
| 2022-06-28 08:59:05 | http://104.168.33.68/67/vbc.exe | Offline | AgentTesla  exe opendir |  abuse_ch |
| 2022-06-28 08:59:04 | http://104.168.33.68/document/document.doc | Offline | doc opendir | abuse_ch |
| 2022-06-16 08:40:05 | http://104.168.33.68/jjj/fil.exe | Offline | 32 exe |  zbetcheckin |
| 2022-06-16 07:13:05 | http://104.168.33.68/gud/ama.exe | Offline | AgentTesla exe opendir | abuse_ch |
| 2022-06-10 09:42:04 | http://104.168.33.68/bl/ble.exe | Offline | SwissPost_CERT | |
| 2022-06-07 05:27:05 | http://104.168.33.68/gg/ccc.exe | Offline | 32 exe Formbook | zbetcheckin |
| 2022-06-07 02:17:04 | http://104.168.33.68/bb/key.exe | Offline | exe XFilesStealer | zbetcheckin |
| 2022-06-07 00:53:06 | http://104.168.33.68/go/vbc.exe | Offline | exe Formbook |  AndreGironda |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2022-06-28 08:59:05 | 65e9299259dd476ebbc003be7c5a3550ff8220a2df5adcac8a8120e2db6bac92 | exe | AgentTesla | |
| 2022-06-28 08:59:04 | 4d7481fb045dee7deac7286cd4205aaa8a732a4e855616fdaf79c8e7139434c1 | unknown | ||
| 2022-06-16 08:40:05 | 599ddba0ada8097bf76bfc1141869d98cee8f1e90a9fed31e48fd752a13756ef | exe | ||
| 2022-06-16 07:13:05 | dd1a5d2bd088d8b31bc8a712bb7484aabcdc4fc3119147f22dc141a8092bd3b6 | exe | AgentTesla | |
| 2022-06-10 09:42:04 | 60f0359eba674e7f697ee9d555463cb1bd40bbfef83338af25cc8cbb1cb0d5a7 | exe | ||
| 2022-06-07 05:27:05 | b479031f60b7199b24937d75aed26bc7bab0c3a20a8f79cd18d89a69c8ba8fe1 | exe | Formbook | |
| 2022-06-07 02:17:04 | b5e6e4784b9dba37baf564a859fa878e6b944de383b59559c088078a0f1b3f6b | exe | XFilesStealer | |
| 2022-06-07 00:53:06 | eeabe3129e3e52ef1f5fe98b73c375ee55ea1163ba441421234951f514fd1d89 | exe | Formbook |