URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: 107.175.246.22
Firstseen:2025-09-15 13:25:04 UTC
Total malware sites :4
Online malware sites :0 (0%)
Offline Malware sites :4 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2025-09-15 13:25:17 107.175.246.22107-175-246-22-host.colocrossing.comNot listedAS36352 AS-COLOCROSSING- USyes

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2025-09-18 14:31:07http://107.175.246.22/img/zyn/IMAGESG____099988...Offlinehta PureLogsStealer abuse_ch
2025-09-18 12:11:16http://107.175.246.22/img/kbz/CleanImages___004...Offlinehta RemcosRAT ext abuse_ch
2025-09-16 08:30:07http://107.175.246.22/img/brz/module_table_bott...OfflineRemcosRAT ext abuse_ch
2025-09-15 13:25:17http://107.175.246.22/466/clearpicture________0...OfflineRemcosRAT ext abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2025-09-18 14:31:07a44f87a7e95409b0403eb626bd0afdb304a583a9da98c9fb6338cbdfb988c2e5htaPureLogsStealer
2025-09-18 12:11:16bdfcd29146887e7d3896d1e463382f5ccce620e01a36d3c2d6641e21d9d2d9f2htaRemcosRAT
2025-09-16 08:30:07880334a4f36170bd8c34b574a919596fd3ba56f2a810310feba377f90dfe49afhtmlRemcosRAT
2025-09-15 13:25:1708d4c48eae51e99498f9c8d9e4f1a0592f50883ebd066d6905aee6d4c4dd7dfchtmlRemcosRAT