URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	176.65.142.190
Firstseen:	2025-04-01 05:33:02 UTC
Total malware sites :	35
Online malware sites :	0 (0%)
Offline Malware sites :	35 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2025-04-11 06:26:04	http://176.65.142.190/UPLOADD/steph.ps1	Offline		abuse_ch
2025-04-11 05:37:05	http://176.65.142.190/host/NEWFILEEE.ps1	Offline	AgentTesla	JAMESWT_WT
2025-04-11 05:37:04	http://176.65.142.190/host/kaywise22.txt	Offline		JAMESWT_WT
2025-04-11 05:37:04	http://176.65.142.190/host/sirdeeeee.txt	Offline		JAMESWT_WT
2025-04-11 05:37:04	http://176.65.142.190/host/SIRRDEE.ps1	Offline	Formbook	JAMESWT_WT
2025-04-11 05:37:04	http://176.65.142.190/host/newconvert.txt	Offline		JAMESWT_WT
2025-04-10 18:01:06	http://176.65.142.190/host/KEND.ps1	Offline	RemcosRAT	abuse_ch
2025-04-10 18:01:06	http://176.65.142.190/host/baggg.txt	Offline		abuse_ch
2025-04-10 18:01:05	http://176.65.142.190/BLACKYY/FAV.ps1	Offline	AgentTesla	abuse_ch
2025-04-10 18:01:05	http://176.65.142.190/BLACKYY/newbag.ps1	Offline	AgentTesla	abuse_ch
2025-04-10 18:01:04	http://176.65.142.190/host/bag.ps1	Offline	AgentTesla	abuse_ch
2025-04-10 18:01:04	http://176.65.142.190/host/KENTREMCOSSSSS.txt	Offline		abuse_ch
2025-04-10 18:01:04	http://176.65.142.190/host/sweet.txt	Offline		abuse_ch
2025-04-10 18:01:04	http://176.65.142.190/host/BAGG.ps1	Offline	Formbook	abuse_ch
2025-04-09 06:59:05	http://176.65.142.190/BLACKYY/newfilee.ps1	Offline	AgentTesla	abuse_ch
2025-04-09 06:59:04	http://176.65.142.190/BLACKYY/BAGGGG.ps1	Offline	AgentTesla	abuse_ch
2025-04-09 06:59:04	http://176.65.142.190/BLACKYY/favorite.ps1	Offline		abuse_ch
2025-04-08 05:52:05	http://176.65.142.190/BLACKYY/BAG.ps1	Offline	AgentTesla Formbook	abuse_ch
2025-04-07 18:17:06	http://176.65.142.190/Blackyy/NEWFILE.ps1	Offline	AgentTesla	abuse_ch
2025-04-07 18:17:06	http://176.65.142.190/BLACKYY/kkk.ps1	Offline	RemcosRAT	abuse_ch
2025-04-07 18:17:05	http://176.65.142.190/Blackyy/Fasvorite.ps1	Offline	AgentTesla	abuse_ch
2025-04-07 18:17:05	http://176.65.142.190/BLACKYY/SIRDEE.ps1	Offline	AgentTesla Formbook	abuse_ch
2025-04-03 07:15:06	http://176.65.142.190/Blackyy/aryaaa.ps1	Offline	RemcosRAT	abuse_ch
2025-04-02 07:58:04	http://176.65.142.190/Blackyy/UCHI.ps1	Offline	ascii Formbook opendir powershell ps1	abuse_ch
2025-04-02 07:58:04	http://176.65.142.190/Blackyy/believe.ps1	Offline	AgentTesla ascii opendir powershell ps1	abuse_ch
2025-04-02 07:58:04	http://176.65.142.190/Blackyy/kay.ps1	Offline	ascii DarkCloud opendir powershell ps1	abuse_ch
2025-04-02 07:57:04	http://176.65.142.190/Blackyy/arya.ps1	Offline	ascii opendir powershell ps1 rat RemcosRAT	abuse_ch
2025-04-02 07:57:04	http://176.65.142.190/Blackyy/air.ps1	Offline	AgentTesla ascii opendir powershell ps1	abuse_ch
2025-04-02 07:51:08	http://176.65.142.190/host/kim222.txt	Offline	ascii Encoded opendir	abuse_ch
2025-04-02 07:51:04	http://176.65.142.190/host/UCHI.ps1	Offline	ascii Formbook opendir powershell ps1	abuse_ch
2025-04-02 07:51:04	http://176.65.142.190/host/kim22.ps1	Offline	ascii opendir PhantomStealer powershell ps1	abuse_ch
2025-04-02 07:51:04	http://176.65.142.190/host/kimm.ps1	Offline	ascii opendir powershell ps1	abuse_ch
2025-04-01 05:34:04	http://176.65.142.190/host/newmuk.ps1	Offline	ascii opendir powershell ps1 rat RemcosRAT	abuse_ch
2025-04-01 05:33:04	http://176.65.142.190/host/believe.ps1	Offline	AgentTesla ascii opendir powershell ps1 rat RemcosRAT	abuse_ch
2025-04-01 05:33:04	http://176.65.142.190/host/kenttttttttttttttttt...	Offline	ascii opendir powershell ps1 rat RemcosRAT	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2025-04-11 06:26:04	e8bee4c83528db762f63c30fc95a29d6e9174e641555570b3e68533e0cdffa10	txt
2025-04-11 05:37:05	5ff4641877d989d4e29785dbb11b87ac071a823615716b56174192ac495d1849	txt	AgentTesla
2025-04-11 05:37:04	09ad032c25c6dd4cb498dd0310fd7b0d365b2d3037ab7ee016ee429ecc5e25df	txt
2025-04-11 05:37:04	c55b01c484fb69ac1b52ce517007e588fb71ba71cfa223888b50447066ae5149	txt
2025-04-11 05:37:04	6069f5926f0a2d5d6f77ca4990bc9af2b174dba5ca686784f10513225d9b54e2	txt	Formbook
2025-04-11 05:37:04	4c2cb94a45fc267f9a9eac003836e69b6df02a3633603ae32324e0d0f4143b43	txt
2025-04-10 18:01:06	16dead2763b203e89a6c4d79b9a9055ac008e03164ff0a77407061fa9f64513e	txt	RemcosRAT
2025-04-10 18:01:06	062939637659e6dd7804bd09d184257c53f7cbcec6bab616a1860163c022a46b	txt
2025-04-10 18:01:05	a5fde174a8292eb83260e47c1bf09390a535b4d67703fe029c7ad1fc6047f6cc	txt	AgentTesla
2025-04-10 18:01:05	f454ce90e38aa4127db6dbec75d90926a763ebc7a42623142a2ee0ba633f2ca5	txt	AgentTesla
2025-04-10 18:01:04	51706db02c34e326ff19a01a13c47c4ae5a0d29b2b36a1e4331b3fcfaf2e96e7	txt	AgentTesla
2025-04-10 18:01:04	685dd4dc879e47c60901e13e674e869476db5837783e2fb7f4c30cd69dd941cb	txt	Formbook
2025-04-10 18:01:04	8c07585a340f3f62f26acee61a59ea54048d809759f8f2d533fe44c049c1d4bf	txt
2025-04-10 18:01:04	5a1d5612e4bcbf247f82b0beeaa0287a5353fc9103bcd29a9b20aa17b4f56ad1	txt
2025-04-09 08:47:02	514425d5bc1aeeb410cf526e857c35f931df5036d3da982badb430feca9b2f2b	txt	AgentTesla
2025-04-09 06:59:05	b2d4557b6251dec7cdf0f590344f4e9f8bb8923014207b3c12b547d04469e3e0	txt	AgentTesla
2025-04-09 06:59:04	164cc89f14873d71d77c34f69f3e10e34945c43ec13efd6e277649799902e56b	txt	AgentTesla
2025-04-09 06:59:04	3ce7d677ffcc2264dbc85ed6c2b1bf9d7b26371de3dce2197e67d5e1e11b26b2	txt
2025-04-08 12:14:22	dbbcba0490586ba9c80e30193dff30aaa94301711cd6e18dcbfa80fd0c8c28ed	txt	Formbook
2025-04-08 10:42:02	e04bfe966cd48235e7b089086eb314f0ac3ff48a31a0d1821026bd697b43d932	txt
2025-04-08 08:21:54	3817303e929d090a141ad77703f7b2ad70bce498f13258a49005e5d317599e9a	txt	Formbook
2025-04-08 05:52:05	e54d74830d893592e245142c686605d01312360b8845b03af2ca54e655c9800c	txt	AgentTesla
2025-04-07 23:46:01	90c13cac1db46e2cb44781f4516635cba02eac07faa1b30082809eb630451a31	txt	AgentTesla
2025-04-07 18:17:06	35ca5d7d1ed7cf2418e0e2f1165aca96f2cf91345734bb637e4e16ea1ff4dc66	txt	AgentTesla
2025-04-07 18:17:05	8c92b202727822c9ad4f8931b5fc05941cf51dcdf1d0aa36b5c5ff8a61cfd5fb	txt	RemcosRAT
2025-04-07 18:17:05	f5633bca60eb54e2ac684e0d482fd982c550a3ad311f296bb67b97f4d30a7f9c	txt	AgentTesla
2025-04-07 18:17:05	1bc5650f5085e6a03109898ef6c51efcba4f4d7ba8b669681efa8a2edf27dc6f	txt	AgentTesla
2025-04-03 07:15:06	c56e8a42ddd4a9667a3e782b92de3931bef355994095d499593c53d616e0153e	txt	RemcosRAT
2025-04-02 07:58:04	f6d9198bd707c49454b83687af926ccb8d13c7e43514f59eac1507467e8fb140	txt	DarkCloud
2025-04-02 07:58:04	57ad727d4a017e949c3c9c1d9b5d52fc66f38f65dc0e156831a3199cfa054f5f	txt	AgentTesla
2025-04-02 07:58:04	c3f13102022fc7a6444117df441bbd4c7288e191f38c10adbef60cc270905a4f	txt	Formbook
2025-04-02 07:57:04	47dcaabdac8a66dd1ce965b7f2e6204a6d68b54eb7494f3f4cc6d069261bed8d	txt	RemcosRAT
2025-04-02 07:57:04	75476f57c0f287e02cad5e198df514c83afb506ff154db208606b29cb0288023	txt	AgentTesla
2025-04-02 07:51:08	2d75a81d0d5ba60374e2a77a1e45fced878385b2c87071f6415bd224a2da11e3	txt
2025-04-02 07:51:04	c3f13102022fc7a6444117df441bbd4c7288e191f38c10adbef60cc270905a4f	txt	Formbook
2025-04-02 07:51:04	4e28f186f3855291ec84b24da61938ab604d90d3121e1667f50bda632a5a3dd8	txt	PhantomStealer
2025-04-02 07:51:04	dfbc9d6f1e746bb1eeaf6f365786f1f3d4579a2c080dbc5d72bcb6ebae14e461	txt
2025-04-01 09:05:39	888203206f42985cefc31f5a0b7666c332709cbdddde1c0b15ac4f4c2f421f3b	txt	RemcosRAT
2025-04-01 05:34:04	bc0d5d1305d6f57741a41bdaf28cc7b56a410f736941731891f431ed32a83964	txt
2025-04-01 05:33:04	cf11d77b3a213a1794bf3ea357cd8e47d022939be35cdc73f30f480a9bfd705a	txt	AgentTesla
2025-04-01 05:33:04	9baed6767796c07cf7c2b77208836ff07e7fb0e9d3233c594ebc3ec32a060925	txt	RemcosRAT