URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: 181.206.158.190
Firstseen:2025-01-15 08:07:04 UTC
Total malware sites :21
Online malware sites :1 (5%)
Offline Malware sites :20 (95%)
Newest active malware site :2025-08-06 18:27:11 UTC
Oldest active malware site :2025-08-06 18:27:11 UTC (Age: 3 months, 14 days, 10 hours, 20 minutes)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2025-01-15 08:07:06 181.206.158.190Dinamic-Tigo-181-206-158-190.tigo.com.coNot listedAS27831 Colombia_Mvil- COyes

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2025-08-06 18:27:15http://181.206.158.190/CopilotDriver.jsOfflineRemcosRAT ext JAMESWT_WT
2025-08-06 18:27:11http://181.206.158.190/CopilotDrivers.jsOnlinePureLogsStealer RemcosRAT ext JAMESWT_WT
2025-08-06 18:27:11http://181.206.158.190/WMIEventLogs.jsOfflineAsyncRAT ext CaminhoLoader dcrat PureLogsStealer JAMESWT_WT
2025-06-09 17:48:46https://181.206.158.190/Update.vbsOfflinecensys opendir PureLogsStealer RemcosRAT ext vbs NDA0E
2025-06-09 17:48:01https://181.206.158.190/CopilotDriver.vbsOfflinecensys opendir PureLogsStealer RemcosRAT ext vbs NDA0E
2025-06-09 17:47:38http://181.206.158.190/WMIEventLog.vbsOfflineAsyncRAT ext censys opendir vbs NDA0E
2025-06-09 17:46:49https://181.206.158.190/WMIEventLog.vbsOfflineAsyncRAT ext censys opendir vbs NDA0E
2025-06-09 17:46:40http://181.206.158.190/CopilotDriver.vbsOfflinecensys opendir PureLogsStealer RemcosRAT ext vbs NDA0E
2025-06-09 17:46:05http://181.206.158.190/WindowsUpdate.vbsOfflinecensys opendir vbs NDA0E
2025-06-09 17:46:04http://181.206.158.190/ActWindowsUpdate.vbsOfflinecensys opendir vbs NDA0E
2025-06-09 17:46:04https://181.206.158.190/WindowsUpdate.vbsOfflinecensys opendir vbs NDA0E
2025-06-09 17:46:04https://181.206.158.190/ActWindowsUpdate.vbsOfflinecensys opendir vbs NDA0E
2025-04-18 17:04:49http://181.206.158.190/12345.vbsOfflineopendir vbs DaveLikesMalwre
2025-04-18 17:04:06http://181.206.158.190/defender.vbsOfflineopendir vbs DaveLikesMalwre
2025-04-18 17:04:04http://181.206.158.190/programa.vbsOfflineopendir vbs DaveLikesMalwre
2025-04-18 17:04:02http://181.206.158.190/ups.vbsOfflineopendir vbs DaveLikesMalwre
2025-04-09 21:15:04http://181.206.158.190/ActDefender.vbsOfflineopendir vbs DaveLikesMalwre
2025-04-09 21:15:04http://181.206.158.190/exclusion.vbsOfflineopendir vbs DaveLikesMalwre
2025-01-30 22:59:14http://181.206.158.190/Update.vbsOfflineascii opendir PureLogsStealer RemcosRAT ext vbs DaveLikesMalwre
2025-01-30 22:59:08http://181.206.158.190/DriverW.vbsOfflineascii opendir vbs DaveLikesMalwre
2025-01-15 08:07:06http://181.206.158.190/Windows.vbsOffline s1dhy

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2025-11-18 16:57:53fc3b9165579c86d38360ce71c55d5b68750669c3afab4e841926ec3262b542c6js  
2025-11-15 06:11:38a7143049467585b7382d389a9f183901e893f8c10165968964607019e7b8a0d9js AsyncRAT
2025-11-15 00:59:243a1cc2ad702cc9c16b1ecb0ddca2f00f8fd041bb246e36e7af4920a0ee025f4ejs RemcosRAT
2025-11-10 17:21:126a3740fb7a4d81989c767b0e7f772284f89d5f6852e2c8010497a0dc046c93dcjs  
2025-11-10 17:17:14da1d51e8f758efc94d9c1c83639b85218b6289073d29fde27e2061ab9d31779fjs RemcosRAT
2025-11-08 01:19:27825f309696ce68af5715a359001f9602f8edeecd8cac56f968a5797a39a96aacjsAsyncRAT
2025-11-08 00:16:47f7c88eb25216b886d7f675ae5c763670ce40fecdc07b6dbeab4d4749995389e8jsRemcosRAT
2025-11-06 23:46:34c930d0c996f5d83b962b986c2bf9bb3c1fcf5761341fce85c1235d7fa8b4496bjs RemcosRAT
2025-11-06 17:31:11a7799beec368393195dfe5488eef2ceeb867d016df5913a38730c69ea73f90d0js AsyncRAT
2025-11-04 19:16:540a212e746c1547f2d721384b5e8b23f1914df7bf436933d1ec05041ad295a388js CaminhoLoader
2025-11-04 18:34:5915d06f0f7b6bf7f36fd512d786647ec502f7f3e5b839bf7dc7eff86459780d26jsRemcosRAT
2025-11-04 10:57:38568b0cc3a0ac06ec4d130bc00df12484031138f7c4b0c02f7655eb987a1d0133js CaminhoLoader
2025-11-03 23:49:03f2288d4b43bc586d8617e48ad7259e600819e4c5907e403faeb068380abf35a1jsRemcosRAT
2025-10-30 22:50:168f745805307819c45ecd4e7a8afb11c56c235e9fef21415a1b7d23a92081365ejs  
2025-10-30 22:49:3808ecdfc48cc0263682f8da9a3a890f6a6a8da04fab85c23237b52e765256a8c8js AsyncRAT
2025-10-27 16:53:20e194ede9daa12d75918bb6a145663ab7653b89841cfe4ff846e5a9b8204d9445js RemcosRAT
2025-10-27 16:25:577a234dbdd2bf8d110541f84e60483a2956c94013ad287bd9fb579641a7eb5b43jsDCRat
2025-10-23 11:07:57bc3256923666bf962f3a03a103716a529ef7efb58b018b4b714ce1bc4f261128txtRemcosRAT
2025-10-23 10:36:39bc3256923666bf962f3a03a103716a529ef7efb58b018b4b714ce1bc4f261128txtRemcosRAT
2025-10-22 23:33:052f5280d0e93ebc9e8e54143216ab0fc87732a9b55594bf743f08af1c25db7ffdjsAsyncRAT
2025-10-22 17:20:015b8258f1483c13d399f91fe6b71b364f8d941b0030aa5e4b6f5c4aa29fa74667jsRemcosRAT
2025-10-21 17:55:218581037c65e43323ae5228aab9ee03026d723fa9a2139e90032e179d4a4b3552js 
2025-10-21 17:39:06b2b7969521f4513a7a34965cbacac4cd7fa3a1ac58b832676af3f6dcab73da47jsRemcosRAT
2025-10-20 17:04:3301ee90a2b1295348dc4495943a09cdaa2941a30476c5f7a3054f905f106068a0jsAsyncRAT
2025-10-20 13:59:178cce07678037a7962fb05d5da9fb8cef36a31265e1800e96158ca77b68f1aa73jsRemcosRAT
2025-10-16 17:23:48e325739a89ae203f7cbef2d82ea6a338f94bf209469f86cf3bb7b11816d9a32dunknown  
2025-10-16 15:32:33d66d1402cfd62ad240d1abde1eeee0bcdf6e60c9ef2553d835219c3fa4e9c25cjs  
2025-10-14 15:59:46e3a290ca9a4ad9f42f70f16e6fbb74ad9c2699c308ff78bb78b85333c86996e8jsRemcosRAT
2025-10-11 23:12:190ecc14a1a687df20987ac62bbf7c02d213b60a5ca17ae3b72e7307e0edbea08ejs  
2025-10-11 21:21:0703def7865fa7f571cf2616419e7bbefda214dc8ea3e91494dd1196b63243ccc4js  
2025-10-06 21:04:251543674e63388eb2c4c4c7e7068bf2eec96fadf8a145a9a89aaf4d41cd37c84ejsAsyncRAT
2025-10-04 17:31:430bc268cbd5cd8a154b5cd8229324b933502162fb71d26e82c977e764b036d084js AsyncRAT
2025-10-04 16:29:5926bf672799748d939e4f7bb0e918662cf729190d88983570493b381d28aaf548js RemcosRAT
2025-10-03 06:41:160fd413e42a4bcb87d0d4af5b5cd93d7f3cbfdd9f3ddb469784aa6f3006628307jsRemcosRAT
2025-10-03 03:47:52495dba44039315841568fb47d0d1a0bab798f4ff258286e1c79133fa643afd72jsAsyncRAT
2025-10-02 16:05:017a0275a7bc16d35db2f61ea16e3641a5ca153a15d95aa9996ad1942846c23365jsRemcosRAT
2025-10-01 16:09:29a2c4e8fbfd02dbb470d69cf011c2c9c48c942d7796eb7bc9f3c99268ec1c7ee9jsRemcosRAT
2025-10-01 16:00:3894a9603a7bf10e9ab16659502c08d91dbd7eaa8945523ba1f51531aa9067919djs 
2025-09-30 22:48:03e3e0aba5e724765caa362af0733dec98474d620b841dca89052381bc99dec77ejsAsyncRAT
2025-09-30 17:01:4622010eb35edf4538aa6722a4b22f9d2863cd838aec498de6684580778e6797b4jsRemcosRAT
2025-09-29 15:46:47fd4d00bae2df04c1a094100cd8185ab83a38ddb2a29292ba6174ce4bd9ed524cjsAsyncRAT
2025-09-29 15:40:00eeea9b867e41b41a668fac9bf10ccf8d0b1486f023f773934b4f3aba1315ad5cjsRemcosRAT
2025-09-25 16:14:028d627a1772349b5c86f7750bd209cc88055c3f0593a37e695dcbc3d7784a8868js  
2025-09-25 05:23:4539ac8ebbe42e56c4a83b357111952ab070a55b42a65531fc17080420eb3c4f11js 
2025-09-22 21:51:23f44cdd60d6f55957300e0521992a281b50daf5098f28eeb18a0ea8f755982938js  
2025-09-22 21:34:537e920c0242c776dd73a6e62a4820a2a01008e6fedfdb5c9a438c50b7bc06c745js  
2025-09-19 21:15:0395a612e9a5e4626d7381075b777c4535a94f9ac5bed5e7e3dcbec69669cef49cjs  
2025-09-17 05:55:594133198dcc1f423b3ef56fcb9a66d6c84366d3ed23c95cf5d2a71efe229bd7eejs 
2025-09-17 03:38:56c6a9bf1f17099352d2823ec20b6ad37f8737d371f876ba6249ecddce9655ebd0jsAsyncRAT
2025-09-15 21:16:05dd031f0a09392ed7c74d3b51641093f5eeed38f87d65e6c3886d63dd1e240aaejsAsyncRAT
2025-09-15 14:45:37d589a0e9f5da14db597540dca8f91d852ddc9a23749a49e1a607ba112a692ae7jsRemcosRAT
2025-09-11 20:29:39ee6e1100d6b85519aeb3ea6ea08c079360abcd095f646470261e4cbfb6c9122cjsAsyncRAT
2025-09-11 15:32:458630f6b45fcfcd7c4e421b6be38123d4469d1497f62ddf892063c659a57fc107js 
2025-09-09 21:42:28441f2c33a9e2c580f46fee37c6a3d70a9d2a19349fdced77815c47f95c1043f0txt 
2025-09-09 21:16:57cda529c9ab35409e84865743e8f1b5e8102d9587bafd3bd52389657fe19823dbjs 
2025-09-09 20:51:05441f2c33a9e2c580f46fee37c6a3d70a9d2a19349fdced77815c47f95c1043f0txt 
2025-09-09 20:45:40441f2c33a9e2c580f46fee37c6a3d70a9d2a19349fdced77815c47f95c1043f0txt 
2025-09-09 20:42:47d72cac0b7d27f0cfecfa5d3e7289313b8ff25917d7b850073c3a8453367db200js 
2025-09-09 20:41:32441f2c33a9e2c580f46fee37c6a3d70a9d2a19349fdced77815c47f95c1043f0txt 
2025-09-08 20:21:232cc5bebca89f92985546812446b5be68982190ead2ba57f1a441f629289af5a6js  
2025-09-06 03:33:54a67bbf80bdf9f555d4342716a9f240526f8e6bde9674bd0574c5a1bc8bd61f12jsRemcosRAT
2025-09-05 20:58:31ac958443e313035f638e2efac96a51a63cc56072bb6b92233cc86cfc21eb599djsAsyncRAT
2025-09-04 21:29:54bd14c04b9eebb0ed93ed19d0bce20c053bd41a16f55d5e7479d72344f3100535txt 
2025-09-04 20:37:36bd14c04b9eebb0ed93ed19d0bce20c053bd41a16f55d5e7479d72344f3100535txt 
2025-09-04 08:00:41021bb843f0e3eaef2524b16e455d7ab5dfae27d367d03d8c03ba7f9ab6704a74jsAsyncRAT
2025-09-04 03:17:45d74c96e1f784b55f00354bd116442320e76b6d202feda335fdda15b39972225djs  
2025-09-03 14:08:403b40cbd70c8f42a757ebb650ad908de05dbc647ade92e773cb17e62ea5c0bac1jsAsyncRAT
2025-09-03 13:58:0530cb3d0f6e29058d74e4b70d429625c9f1fd4836490c0f3f03eb808e5e3a41b8js 
2025-09-01 20:57:25d84b28f6ce7bca728fdf5eea7ed6cc3d6bed66d189c9218484d62fda4d5a4c9cjsRemcosRAT
2025-09-01 15:12:51301f159cf144cbe704b265c941b6761c80ea79b8d10aa9697a0c069c5b887521jsRemcosRAT
2025-09-01 14:35:181ad225bf21122cebbf94030be1198b796e6d1c4a90c850791f929d98ab5649fcjsAsyncRAT
2025-09-01 03:13:06c306ddc1461d1fa667449659b33784d8990462a7fa73b1c06244fd341434d250js 
2025-09-01 02:55:345cf3e2d210554addcabebbb3814a2c6a64920fd1d4b42b6a2339769ffbaf71aajs 
2025-08-30 20:46:40bfc835281122b15d31170d707d064ac0b7a249f725c7db61a94588db578f3d12js  
2025-08-30 14:58:5396daa7166fc112ea225cba8726ace8d6d24e6a54f8f44543dfba262232ba43bajs  
2025-08-29 14:47:41edbeed89401bbd34ba546a09df74be983c5bdcb5e014083a73f73555dbb09770js 
2025-08-29 13:53:3041a3172a639f16af21eb98364671c2176cd6fb84fc59189d5bdd61dcf65435c3js 
2025-08-28 20:35:31b717cf4f32b23a20d7f283ace649b8a9b2846adf48d68c957fd9c05413ccbd5djs  
2025-08-28 19:58:27701ab3e62350ccd7e6db747721737a9df075279316a4a547bd4a9f0c22bc4c60js  
2025-08-28 16:06:50150ff975933ac77467341b0b658ae6184d68c1188a24c0fe1a1f721cad590602txt  
2025-08-28 14:59:430637a23f106647eee5c673112ee0c31675da37b0098d483ec9604e926d5b37adjs  
2025-08-28 14:59:15150ff975933ac77467341b0b658ae6184d68c1188a24c0fe1a1f721cad590602txt  
2025-08-27 20:48:14fdfd0f15edc37a86c89c5f6672edffbe8b8ed986e5eca3b6cad60da94f85cf9djs  
2025-08-27 20:17:420b6f83dde52cdeaf2e435576c012a1b123d8a6a1c43ad16db1583c503e6c75d8js  
2025-08-26 20:25:066b3897c1830e668a62a95d9cfc8f335d1acce31da25022b4e2e53ca5926c974bjsRemcosRAT
2025-08-26 19:30:13eeb981e94f2057d42fd863c9d1cdeaa66aa51680f84717b6fc59631cbb4dc770jsAsyncRAT
2025-08-26 15:46:13a27c9851ad59b8ea7b0a3ce59295e95fead90ecdb60c20d00fddf798ee8a8e56js 
2025-08-26 04:21:535299652240406b9dd2f4fbd6688ec479fa48cbb9bdba82c4ec080118034ecd27js 
2025-08-26 03:42:05a24bab299bf335f719defb7555f950c3b64f7ce32e19bdfebfb1c4ccce57c117jsDCRat
2025-08-25 14:28:53c6ec35db45db86043aa7dc613c5e58625e6d9922c2071d876de03402d17832a1js 
2025-08-25 13:24:389c259e27bd8ba5bc121b852f249a10806cd7f7b9b4aed5eca4855df67dc41a17jsAsyncRAT
2025-08-25 08:53:26b53972cc318699e3b835a058d99c00b6a6337b4f40faca8df8bd6b099a5d0fbdjsAsyncRAT
2025-08-25 07:20:5005f9feab8e75164cceace6fca0787ec980c09e01f7fde68a4ac813097953160ajs 
2025-08-25 01:46:29ab241fc6d007714e66840aaa0f72165e744cc970515f5de973313c82851e6962jsAsyncRAT
2025-08-24 20:43:20dacfee8b1805f6536369bf401c7104946429f2e68c4e7143b60d9153b23c7c76jsRemcosRAT
2025-08-23 14:25:07ae26622fa1afe1c5d668220ed1ceddda90b642d5ccdcedbf2d88c7320d47dac6js 
2025-08-23 13:50:01e7ef795b332cb3eb29955a21afc938a92a47d09425ab9d7e65573371db560babjs 
2025-08-23 08:57:01e9117a2c0d9967beb93d8a7c63c95b8791ea2df714b21b9d3378c08908644f4funknown  
2025-08-23 08:52:39ac4f52f2a9cd30338e5a41ed8330255617f8f51899e14e6199c64f4df54f6e34txtRemcosRAT
2025-08-23 07:58:1489f379f3c244456381a5ac1ffa1530471ef70db4e1a2dd91068ffbc095273dd8txtRemcosRAT