URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: 107.173.101.114
Firstseen:2025-07-25 06:46:05 UTC
Total malware sites :11
Online malware sites :3 (27%)
Offline Malware sites :8 (73%)
Newest active malware site :2025-10-21 18:40:07 UTC
Oldest active malware site :2025-10-21 18:39:12 UTC (Age: 5 months, 0 days, 15 hours, 58 minutes)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2025-07-25 06:46:06 107.173.101.114107-173-101-114-host.colocrossing.comNot listedAS36352 AS-COLOCROSSING- USyes

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2025-10-21 18:40:07http://107.173.101.114:10000/?h=107.173.101.114...Onlineexe BlinkzSec
2025-10-21 18:40:07http://107.173.101.114:10000/?h=107.173.101.114...Onlineexe BlinkzSec
2025-10-21 18:39:12http://107.173.101.114:10000/swtOnlineLoader sh BlinkzSec
2025-10-21 18:39:05http://107.173.101.114/shell.ps1Offlinehuntio opendir powershell BlinkzSec
2025-07-25 06:46:09http://107.173.101.114/amd64Offlineopendir DaveLikesMalwre
2025-07-25 06:46:09http://107.173.101.114/mis.exeOfflineopendir DaveLikesMalwre
2025-07-25 06:46:09http://107.173.101.114/1.txtOfflineopendir DaveLikesMalwre
2025-07-25 06:46:08http://107.173.101.114/accput1Offlineopendir DaveLikesMalwre
2025-07-25 06:46:08http://107.173.101.114/3.txtOfflineopendir DaveLikesMalwre
2025-07-25 06:46:08http://107.173.101.114/sys.batOfflineopendir DaveLikesMalwre
2025-07-25 06:46:06http://107.173.101.114/st.shOfflineopendir DaveLikesMalwre

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2025-12-19 20:00:339b53b1602ab093243bbbbcb4158736d53bd63daa5b6d141a3a12b17eb8e4de7felf 
2025-11-19 18:53:287a9c902a754ff293993a4944ddea5b6d040194a4de628dca0e385df646a764c1txt  
2025-10-28 05:52:049dd5df725cde4f6913c4e895e068c4b4063d5eec26369fe44eba2809928a043ebat 
2025-10-24 09:32:01003d57484ea57ec50e4183203bb8e5f0a03af4691d8a38812171ee59ee1d4c55txt  
2025-10-23 16:41:542ea82b42143a78c8d2ab0089c0cc214967c64dc071361d337e98b6654f948680txt  
2025-10-21 21:57:59a1946fb8c1ebfdc5abc4f50289a6bc36a6b52a49034919086cbb381da963e542txt 
2025-10-21 18:40:07403e48b84d746dd2f6772ed63679acea36508e9bee762049431117a214537932exe 
2025-10-21 18:40:07ab500ad2b80fa0994cc521dbdf2619f4910498cef685aed0b58bd23a4e16988eexe  
2025-10-21 18:39:12a556e00a045dc49e98b2ededf7fe224c3416d80dc005855edb6b6db2657d8a27bat 
2025-09-29 16:02:5540008304c7746d1f018359880d02f727033092b2671479593ec35c613e62ec2ftxt  
2025-09-25 21:32:58c42ad8f3d62dbb70ff7971ba580b71baef4e77b5585da638f150ce189725ce74txt  
2025-09-12 10:37:03badba7248bbe74948e4b629ea940a5c1e1ed1e2f3209a4fc40c4693b8a43c1actxt  
2025-09-12 08:37:5586b0059431b05ccf97db1775a0fe8c694eb886d4ba6528bfb0beaac6fe4cf947txt  
2025-07-25 06:46:09f1b933666d2e597626a818cefb66489842d3f970125d27725d1110f6ff8242e8txt  
2025-07-25 06:46:09eb007fbbbc589b9d6ac7aa96e241bc7f46346f50d77df30291aaeb74ca6cceceexe  
2025-07-25 06:46:093f9b07cc0a8a2b4ae586b23dc4dbb5b7db94e384253ebe28a59ee489f1ca976belf 
2025-07-25 06:46:0891d52a58357b130e642639409784a84d327915ea861841ea8a295279842b811bbat  
2025-07-25 06:46:0816a2da23a04d72ffe0990a1463cdd28e1c8d43cdc088dfbf866ff70d8a966ea7txt  
2025-07-25 06:46:0746fae611cc6861956001481ca6a49e2472f98936dbb4b20c5221df95aa0528faelf