URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | 104.168.45.104 |
|---|---|
| Firstseen: | 2022-10-03 16:54:14 UTC |
| Total malware sites : | 4 |
| Online malware sites : | 0 (0%) |
| Offline Malware sites : | 4 (100%) |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2022-10-03 16:54:16 | 104.168.45.104 | 104-168-45-104-host.colocrossing.com | Not listed | AS36352 AS-COLOCROSSING |  US | yes |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2022-11-29 03:02:06 | http://104.168.45.104/45/vbc.exe | Offline | 32 exe RemcosRAT  |  zbetcheckin |
| 2022-11-28 14:06:03 | http://104.168.45.104/44/vbc.exe | Offline | .net exe msil RemcosRAT |  jstrosch |
| 2022-10-05 10:33:06 | http://104.168.45.104/69085/vbc.exe | Offline | exe Loki opendir |  abuse_ch |
| 2022-10-03 16:54:16 | http://104.168.45.104/88775/vbc.exe | Offline | a310Logger exe Loki | abuse_ch |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2022-11-29 03:02:06 | 2a22f5416355b1a39a14acb2cfcaa3aa969a70d7d3e85d7cd820ca247806c50f | exe | RemcosRAT | |
| 2022-11-28 14:06:03 | 5077460204027a210a9a197adae86e6c2b367bf7c20051cff3f9ae62e13713c8 | exe | RemcosRAT | |
| 2022-10-05 10:33:06 | 30e2e162c2da2940451688e73c7797bde2d9ee6806df5d68ebefa35812423d40 | exe | Loki | |
| 2022-10-04 12:32:28 | 6bd5bbea9b02d99f157e191dbdfe2d772498c3443496738e2c8d92a9617a099e | exe | Loki | |
| 2022-10-04 11:38:45 | 132b2bec8d938eeff8eaa559349a7a2a272a957fef0e4f3e9bcb4241eadf7e68 | exe | Loki | |
| 2022-10-04 07:20:45 | e0fe12504cc638820796299a68a761cfad56c38c3390f6ac010b40eb8daec63c | exe | Loki | |
| 2022-10-04 05:04:33 | 7fb1a3cb9b535ec86b38492201b523dc2f1440fd8d35ec0f017ea44594850600 | exe | a310Logger | |
| 2022-10-03 16:54:16 | 12747522667ef5f859fa009d00dffa56f770b73b7b4fecd2c5250c449a7d142c | exe |