URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | 104.219.239.104 |
|---|---|
| Firstseen: | 2024-07-25 07:44:03 UTC |
| Total malware sites : | 7 |
| Online malware sites : | 0 (0%) |
| Offline Malware sites : | 7 (100%) |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2024-07-25 07:44:06 | 104.219.239.104 | ip-104-219-239-104.host.datawagon.net | Not listed | AS27176 DATAWAGON |  US | yes |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2024-07-31 10:40:08 | http://104.219.239.104/15/winiti.exe | Offline | exe Formbook  |  abuse_ch |
| 2024-07-31 10:40:07 | http://104.219.239.104/xampp/uh/greatdayforever... | Offline | doc Formbook | abuse_ch |
| 2024-07-30 18:11:06 | http://104.219.239.104/112/chm.exe | Offline | exe Formbook | abuse_ch |
| 2024-07-26 11:05:07 | http://104.219.239.104/xampp/bn/recreatednewthi... | Offline | doc Formbook | abuse_ch |
| 2024-07-26 11:05:07 | http://104.219.239.104/80/winiti.exe | Offline | exe Formbook | abuse_ch |
| 2024-07-25 07:44:06 | http://104.219.239.104/xampp/bh/simplethingstob... | Offline | doc Formbook |  NDA0E |
| 2024-07-25 07:44:06 | http://104.219.239.104/54/winiti.exe | Offline | exe Formbook opendir | NDA0E |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2024-07-31 10:40:07 | 158c8861036425f4e7b9df9a610a0e23d45a811c2916aa697cb01491b493e539 | exe | Formbook | |
| 2024-07-31 10:40:06 | 731274dfb1a00b9694101c7488bdfa2c9bba0588f75b09a8ade4e6c6f86fbcdd | rtf | Formbook | |
| 2024-07-30 18:11:06 | 7ad4e2e9091d961c63bd8a5de7c884df9c81c6395f35645f8c17befa50fa6bec | exe | Formbook | |
| 2024-07-26 11:05:07 | a424c4312f97747efa22a627aa0c77c4f11022d171e11d3eeff00dd77b737520 | rtf | Formbook | |
| 2024-07-26 11:05:07 | 434ec59b680788bae7f2935200a77e681cecbb517d853c6e6cf31f4cf112e5cc | exe | Formbook | |
| 2024-07-25 07:44:06 | 6ef3b7843981b66e6d7099c61920925c3d260a3bebf20fcda5711e824acc526a | exe | Formbook | |
| 2024-07-25 07:44:05 | 695852fbf40810c2c317bcb18e4851050b813d6a99fc99b4d7a9a258c0e93b84 | rtf | Formbook |