URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	107.173.47.164
Firstseen:	2025-05-16 19:11:03 UTC
Total malware sites :	30
Online malware sites :	0 (0%)
Offline Malware sites :	30 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-05-16 19:11:05	107.173.47.164	107-173-47-164-host.colocrossing.com	Not listed	AS36352 AS-COLOCROSSING	US	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2025-05-20 07:19:03	http://107.173.47.164/960/seeingwithfutrwewillr...	Offline	rat RemcosRAT	abuse_ch
2025-05-19 17:26:06	https://107.173.47.164/970/botharefgoodformajor...	Offline	ascii censys Encoded RemcosRAT rev-base64-loader	NDA0E
2025-05-19 17:26:06	https://107.173.47.164/800/bestkingsgivenmegood...	Offline	censys vbs	NDA0E
2025-05-19 17:26:06	https://107.173.47.164/900/weneedbetterperofman...	Offline	ascii censys Encoded jalapeno rev-base64-loader	NDA0E
2025-05-19 17:26:05	https://107.173.47.164/800/bestkingsgivenmegood...	Offline	ascii censys Encoded jalapeno rev-base64-loader	NDA0E
2025-05-19 17:26:04	https://107.173.47.164/960/seeingwithfutrwewill...	Offline	censys vbe	NDA0E
2025-05-19 17:26:04	https://107.173.47.164/950/withnodenczgirlfrien...	Offline	censys vbe	NDA0E
2025-05-19 17:26:03	https://107.173.47.164/970/botharefgoodformajor...	Offline	censys vbe	NDA0E
2025-05-19 17:26:03	https://107.173.47.164/900/weneedbetterperofman...	Offline	censys vbs	NDA0E
2025-05-19 17:26:03	https://107.173.47.164/xampp/kgc/verygoodmornin...	Offline	censys vbe	NDA0E
2025-05-19 17:25:07	https://107.173.47.164/970/nko/botharefgoodform...	Offline	censys hta RemcosRAT	NDA0E
2025-05-19 17:25:07	http://107.173.47.164/970/nko/botharefgoodforma...	Offline	censys hta RemcosRAT	NDA0E
2025-05-19 17:25:07	https://107.173.47.164/800/bnm/bestkingsgivenme...	Offline	censys doc RemcosRAT	NDA0E
2025-05-19 17:25:06	https://107.173.47.164/900/wcg/weneedbetterpero...	Offline	censys doc RemcosRAT	NDA0E
2025-05-19 17:25:06	https://107.173.47.164/950/wec/withnodenczgirlf...	Offline	censys doc RemcosRAT	NDA0E
2025-05-19 17:25:06	https://107.173.47.164/xampp/kgc/kgn/verygoodmo...	Offline	censys hta RemcosRAT	NDA0E
2025-05-19 17:22:11	http://107.173.47.164/970/botharefgoodformajorw...	Offline	ascii censys Encoded RemcosRAT rev-base64-loader	NDA0E
2025-05-19 17:22:10	http://107.173.47.164/800/bestkingsgivenmegoodg...	Offline	ascii censys Encoded jalapeno rev-base64-loader	NDA0E
2025-05-19 17:22:09	http://107.173.47.164/900/weneedbetterperofmanc...	Offline	ascii censys Encoded jalapeno rev-base64-loader	NDA0E
2025-05-19 17:22:06	http://107.173.47.164/960/seeingwithfutrwewillr...	Offline	censys vbe	NDA0E
2025-05-19 17:22:05	http://107.173.47.164/970/botharefgoodformajorw...	Offline	censys vbe	NDA0E
2025-05-19 17:22:03	http://107.173.47.164/800/bestkingsgivenmegoodg...	Offline	censys vbs	NDA0E
2025-05-19 17:22:03	http://107.173.47.164/900/weneedbetterperofmanc...	Offline	censys vbs	NDA0E
2025-05-19 17:22:03	http://107.173.47.164/950/withnodenczgirlfriend...	Offline	censys vbe	NDA0E
2025-05-19 17:21:06	http://107.173.47.164/900/wcg/weneedbetterperof...	Offline	censys doc RemcosRAT	NDA0E
2025-05-19 17:21:06	http://107.173.47.164/800/bnm/bestkingsgivenmeg...	Offline	censys doc RemcosRAT	NDA0E
2025-05-19 17:21:06	http://107.173.47.164/950/wec/withnodenczgirlfr...	Offline	censys doc RemcosRAT	NDA0E
2025-05-16 19:37:05	http://107.173.47.164/xampp/kgc/verygoodmorning...	Offline	ascii Encoded rat RemcosRAT rev-base64-loader	abuse_ch
2025-05-16 19:37:03	http://107.173.47.164/xampp/kgc/verygoodmorning...	Offline	rat RemcosRAT	abuse_ch
2025-05-16 19:11:05	http://107.173.47.164/xampp/kgc/kgn/verygoodmor...	Offline	hta RemcosRAT	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2025-05-19 17:26:06	b7c983760330e601d3b2ce2351883f0b6c6acbc4bcaaf730d9a4daf9cff41ef5	txt	RemcosRAT
2025-05-19 17:26:06	72550b35ad6fec5040f8252a0883decdfed9e5654b6e36cc47b765b91e0ad7c3	txt	Jalapeno
2025-05-19 17:26:05	72550b35ad6fec5040f8252a0883decdfed9e5654b6e36cc47b765b91e0ad7c3	txt	Jalapeno
2025-05-19 17:26:04	d9146a6642b935502050ac7e806fcad577f9de4ca1ed271b4e1c65cfa65a31de	unknown
2025-05-19 17:25:07	7669571ab106028c768ca287ed8d40f62f74a8620a1814e00906bf5019648b24	hta	RemcosRAT
2025-05-19 17:25:07	7669571ab106028c768ca287ed8d40f62f74a8620a1814e00906bf5019648b24	hta	RemcosRAT
2025-05-19 17:25:07	d27160038bbf4bd911730c5811a5ef2fef1dc93d1254517b5c0de4c8125dadd8	rtf	RemcosRAT
2025-05-19 17:25:06	9b644fcaed6386b1256248258a1946248d29e72949ba28bdc279f5f326f81a3b	hta	RemcosRAT
2025-05-19 17:25:06	79f087b11cd793f4f98c53a7d22a8fcddc55f3dac9df131c5c4bf8617ff47593	rtf	RemcosRAT
2025-05-19 17:25:06	d030fe317f1fc1a09b33063b42d68a8d81d07688bd918e7e30c1b55a5ade4b62	rtf	RemcosRAT
2025-05-19 17:22:11	b7c983760330e601d3b2ce2351883f0b6c6acbc4bcaaf730d9a4daf9cff41ef5	txt	RemcosRAT
2025-05-19 17:22:10	72550b35ad6fec5040f8252a0883decdfed9e5654b6e36cc47b765b91e0ad7c3	txt	Jalapeno
2025-05-19 17:22:09	72550b35ad6fec5040f8252a0883decdfed9e5654b6e36cc47b765b91e0ad7c3	txt	Jalapeno
2025-05-19 17:22:06	d9146a6642b935502050ac7e806fcad577f9de4ca1ed271b4e1c65cfa65a31de	unknown
2025-05-19 17:21:06	d030fe317f1fc1a09b33063b42d68a8d81d07688bd918e7e30c1b55a5ade4b62	rtf	RemcosRAT
2025-05-19 17:21:06	d27160038bbf4bd911730c5811a5ef2fef1dc93d1254517b5c0de4c8125dadd8	rtf	RemcosRAT
2025-05-19 17:21:06	79f087b11cd793f4f98c53a7d22a8fcddc55f3dac9df131c5c4bf8617ff47593	rtf	RemcosRAT
2025-05-17 17:06:59	9b644fcaed6386b1256248258a1946248d29e72949ba28bdc279f5f326f81a3b	hta	RemcosRAT
2025-05-16 19:37:05	e2d43327510827a15a837f0f18ff9d7b41c9435d2ee32382f73afbc21d25021c	txt	RemcosRAT
2025-05-16 19:11:05	38e712338e7f7c03ea06226651766329e90eb80ac9f7eaafa9b2792fd43bab78	hta	RemcosRAT