URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | 104.168.7.72 |
|---|---|
| Firstseen: | 2025-01-31 06:59:03 UTC |
| Total malware sites : | 10 |
| Online malware sites : | 0 (0%) |
| Offline Malware sites : | 10 (100%) |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2025-01-31 06:59:06 | 104.168.7.72 | 104-168-7-72-host.colocrossing.com | Not listed | AS36352 AS-COLOCROSSING |  US | yes |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2025-02-11 19:04:04 | 9724c42a575f82ad8544256bac8fa4f9e78f6e620ce8666012db278dd58896d9 | txt | ||
| 2025-02-11 18:34:04 | b15390620ccf825691c19c50f630d7f304d2c9a9d539047bcac5846f0b481580 | hta | RemcosRAT | |
| 2025-02-10 19:35:57 | fd89ff41e0c5802f129cea64675de5d2bb46a9443fbe1171d8a74708895fd180 | hta | RemcosRAT | |
| 2025-02-10 16:50:49 | 5c1e83f5c6ed9ebdfce45ec8b02ffc174d140891444efec70967103715e69587 | txt | RemcosRAT | |
| 2025-02-05 10:48:04 | 048099ca7e2e55ad822eb367fcc5b7e5ecf98557651825a03c34ca8373120139 | txt | ||
| 2025-02-04 19:15:04 | 53567cc7f7c6d7d1538b06ce9bc2d61b262c5fe0b491afcbb68b042e4ecb1128 | hta | RemcosRAT | |
| 2025-02-01 11:05:05 | 3b2b162a74ce403dff15fe96e5623cffdf3326e57949cdd1ecf5ffe9ad155bee | txt | ||
| 2025-01-31 06:59:06 | eb991c96fa1503bfb9a160baa4c84bcef7a53287a064e7bcb21c83e989f1ffc9 | hta | RemcosRAT |