URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	107.175.3.22
Firstseen:	2023-10-09 21:29:03 UTC
Total malware sites :	5
Online malware sites :	0 (0%)
Offline Malware sites :	5 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2023-10-09 21:29:06	107.175.3.22	107-175-3-22-host.colocrossing.com	Not listed	AS36352 AS-COLOCROSSING	US	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2023-10-12 11:32:05	http://107.175.3.22/wgw/1/x8.x8.x8.x0x0.doc	Offline	doc opendir	abuse_ch
2023-10-12 11:31:05	http://107.175.3.22/wgw/2/x9.x9.x9.x0.x0.x0.doc	Offline	AgentTesla doc opendir	abuse_ch
2023-10-11 17:07:06	http://107.175.3.22/9w9/sihost.exe	Offline	AgentTesla	James_inthe_box
2023-10-10 14:23:15	http://107.175.3.22/236/sihost.exe	Offline	32 AgentTesla exe	zbetcheckin
2023-10-09 21:29:06	http://107.175.3.22/330/audiodgs.exe	Offline	AgentTesla	James_inthe_box

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2023-10-12 11:32:05	f9ee98593ac98a5f061d265bc0da08abc2fd37f4653987fce2a6b2f005f8117c	unknown
2023-10-11 17:07:06	9e2f5bad6acb0454f71026526cb9d5d78985ef6e566b433b04ba7aba5b277ddb	exe	AgentTesla
2023-10-10 14:23:15	cb371580851e963cfe4db1fa1953269d0c87acaaed578dd9fe670bc7a9d0df45	exe	AgentTesla
2023-10-10 02:31:17	cb371580851e963cfe4db1fa1953269d0c87acaaed578dd9fe670bc7a9d0df45	exe	AgentTesla
2023-10-09 21:29:05	5b5bbec5426595d0b6691f19add610017e667d14445e6d374c9c7e51ff1826cb	exe	AgentTesla