URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: 180.214.236.4
Firstseen:2022-05-20 12:43:03 UTC
Total malware sites :20
Online malware sites :0 (0%)
Offline Malware sites :20 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2022-05-20 12:43:07 180.214.236.4Not listedAS135905 VNPT-AS-VN- VNyes

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2022-07-07 15:25:38http://180.214.236.4/gCloud/vbc.exeOfflineAnonymous
2022-07-07 15:25:35http://180.214.236.4/spacedisk/vbc.exeOfflineAnonymous
2022-07-07 15:25:34http://180.214.236.4/ms365cloud__/vbc.exeOfflineAnonymous
2022-06-29 08:16:06http://180.214.236.4/spacechips/vbc.exeOfflineexe Formbook ext opendir abuse_ch
2022-06-22 12:29:07http://180.214.236.4/msoffice/vbc.exeOffline32 exe Formbook ext zbetcheckin
2022-06-20 10:56:06http://180.214.236.4/spaceX/vbc.exeOfflineexe Formbook ext opendir abuse_ch
2022-06-17 08:53:06http://180.214.236.4/dataspace/vbc.exeOfflineAveMariaRAT ext exe opendir rat abuse_ch
2022-06-14 08:07:06http://180.214.236.4/sshsever/vbc.exeOfflineexe Formbook ext opendir abuse_ch
2022-06-14 08:06:04http://180.214.236.4/http/vbc.exeOfflineexe opendir abuse_ch
2022-06-13 08:54:04http://180.214.236.4/filespace/vbc.exeOffline c_APT_ure
2022-05-31 16:05:12http://180.214.236.4/winspace/vbc.exeOfflineAveMariaRAT ext exe Formbook ext Quakbot ext AndreGironda
2022-05-26 09:16:06https://180.214.236.4/spacedata/vbc.exeOffline32 exe Formbook ext zbetcheckin
2022-05-25 17:14:06http://180.214.236.4/diskoncloud/vbc.exeOffline32 exe Formbook ext zbetcheckin
2022-05-25 12:09:06http://180.214.236.4/spacedata/vbc.exeOffline32 exe Formbook ext zbetcheckin
2022-05-23 07:49:06https://180.214.236.4/cloudprotect/vbc.exeOffline32 exe Formbook ext zbetcheckin
2022-05-22 04:11:06https://180.214.236.4/__cloud2protect/vbc.exeOffline32 exe Formbook ext zbetcheckin
2022-05-20 14:10:08http://180.214.236.4/winstream/vbc.exeOffline32 exe Formbook ext zbetcheckin
2022-05-20 14:10:07http://180.214.236.4/data_on_space/vbc.exeOffline32 exe Formbook ext zbetcheckin
2022-05-20 14:02:08http://180.214.236.4/cloudprotect/vbc.exeOffline32 exe Formbook ext zbetcheckin
2022-05-20 12:43:07http://180.214.236.4/__cloud2protect/vbc.exeOfflineexe Formbook ext opendir abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2022-06-30 04:43:3610ace39f9e927d92ee2ebaf33f2410a871c18aa295367c16d08fa6f250d15a59exe Formbook
2022-06-29 08:16:063ceb3ed9a8db042aa4e5d66bff5da99b4ffe1b1c6f21c06cf4b671e691bc3878exeFormbook
2022-06-28 13:30:19598b1677f6ceca86896ca050d5410cdaa9a5d2b192f1acee9ba0b764ea41de8fexeAveMariaRAT
2022-06-27 20:33:17736330aaa3a4683d3cc866153510763351a60062a236d22b12f4fe0f10853582exeQuakbot
2022-06-22 12:29:071cbd3337b16b5bc9cf9a448349daf9b7d1667bc689d992af9d15c5af950852f9exeFormbook
2022-06-21 08:36:259454ba36d9a763b8543f599961cafb7a33397340ccb59b17921748771d49cd43exeFormbook
2022-06-20 12:58:2839a3f149c23d6a96537aa6efeeedcd2dacb5d92103c736c115ef37a3054a6aa7exeFormbook
2022-06-20 10:56:0669abc132bf9e2db3f8d1feac013088c9915281b17c9ac918490e10cd64d7be2fexeFormbook
2022-06-17 08:53:0661ee9187ad822494bce27b65b3ff8c0213c1c92747bd00194dadc8f1a4efd6e6exeAveMariaRAT
2022-06-14 09:26:0538134fe55100f4b90d1522f444547f670c8e197754d84ec0c83fe22bc352c22eexeFormbook
2022-06-14 08:07:0614289ebd3045789ebca63bb2952a2d4fb9f599a651859b4a3fc6c091546dc20dexeFormbook
2022-05-31 16:05:1203afe03b821266f668f181875a9683080569a0d61f4aee52bc9b5597299b3b85exeFormbook
2022-05-26 09:16:06b9148dfec92ec25753e9a70e51ef698bc44a66be852a84b6e5296f873cf0ea79exeFormbook
2022-05-26 08:37:58b9148dfec92ec25753e9a70e51ef698bc44a66be852a84b6e5296f873cf0ea79exeFormbook
2022-05-25 17:14:063caaa84ffcbd28e8f6a95a11a8101508c06ee47dd00a93b0d52960e351e4a97cexeFormbook
2022-05-25 12:09:06bc56169e0d244106d996f013991bc22087310511ee4a5eb00605132970ece0aaexeFormbook
2022-05-23 07:49:06814f2e3ff651afd0a82fe2b2c953c27e8ffda9df3fd7232681da30d29573271fexeFormbook
2022-05-23 07:17:29814f2e3ff651afd0a82fe2b2c953c27e8ffda9df3fd7232681da30d29573271fexeFormbook
2022-05-23 07:14:24814f2e3ff651afd0a82fe2b2c953c27e8ffda9df3fd7232681da30d29573271fexeFormbook
2022-05-23 07:09:07814f2e3ff651afd0a82fe2b2c953c27e8ffda9df3fd7232681da30d29573271fexeFormbook
2022-05-22 04:11:0619dcc4800e5e1b9a286a94597fa408a1d90e6789896907ccf59ed4d328831150exe Formbook
2022-05-20 14:17:3619dcc4800e5e1b9a286a94597fa408a1d90e6789896907ccf59ed4d328831150exe Formbook
2022-05-20 14:10:0813f3e02e0795dd88cc0396a1e15856609cd64931649e2bd2aa6c7e39d5315607exeFormbook
2022-05-20 14:10:07eede6251d0a1dd7b1d81c22bc1fb75c328bb109c23215d5090c5394f843b3fdcexeFormbook
2022-05-20 14:02:08d8e0fd32eb51496e7f66b76ff106753742988dee2974cf885825a6d9aa8ee5f3exeFormbook
2022-05-20 12:43:07d8e0fd32eb51496e7f66b76ff106753742988dee2974cf885825a6d9aa8ee5f3exeFormbook