URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: 192.3.101.160
Firstseen:2023-03-02 12:41:04 UTC
Total malware sites :12
Online malware sites :0 (0%)
Offline Malware sites :12 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2023-03-02 12:41:12 192.3.101.160192-3-101-160-host.colocrossing.comNot listedAS36352 AS-COLOCROSSING- USyes

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2023-03-28 06:25:07http://192.3.101.160/58/vbc.exeOfflineexe opendir SnakeKeylogger ext abuse_ch
2023-03-25 14:45:07http://192.3.101.160/720/vbc.exeOfflineexe Loki ext opendir abuse_ch
2023-03-22 16:22:04http://192.3.101.160/232/vbc.exeOfflineexe Loki ext opendir abuse_ch
2023-03-22 04:41:04http://192.3.101.160/429/vbc.exeOffline32 AgentTesla ext exe zbetcheckin
2023-03-21 10:31:05http://192.3.101.160/428/vbc.exeOfflineexe Loki ext opendir abuse_ch
2023-03-14 19:33:07http://192.3.101.160/986/vbc.exeOfflineexe opendir SnakeKeylogger ext abuse_ch
2023-03-14 19:33:06http://192.3.101.160/987/vbc.exeOfflineexe opendir SnakeKeylogger ext abuse_ch
2023-03-08 21:09:06http://192.3.101.160/708/vbc.exeOfflineAgentTesla ext exe opendir abuse_ch
2023-03-08 21:09:05http://192.3.101.160/709/vbc.exeOfflineAgentTesla ext exe opendir abuse_ch
2023-03-07 14:00:09http://192.3.101.160/205/vbc.exeOfflineAgentTesla ext exe SnakeKeylogger ext abuse_ch
2023-03-07 14:00:09http://192.3.101.160/206/vbc.exeOfflineAgentTesla ext exe opendir abuse_ch
2023-03-02 12:41:12http://192.3.101.160/204/vbc.exeOfflineAgentTesla ext exe abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2023-03-28 06:25:07f1a4fd0ba166dd905af0029c7f759f23c52481e050fa067d4a8ac6866d71090dexeSnakeKeylogger
2023-03-25 14:45:07ad2f8e24ee2aae18fc8c64b281fc251801a945afc8ba9c5c9985918302b1881aexeLoki
2023-03-23 11:23:59ad2f8e24ee2aae18fc8c64b281fc251801a945afc8ba9c5c9985918302b1881aexeLoki
2023-03-22 16:22:04a0ef0f452724443925f9eaadbdedbfe2f8b4726083dd64339b6fe5b61ff8b640exeLoki
2023-03-22 10:14:20a0ef0f452724443925f9eaadbdedbfe2f8b4726083dd64339b6fe5b61ff8b640exeLoki
2023-03-22 08:36:1506fbd1900a9a993402efb677573777a39f6f691d72816b47d7431ac2d50ad71aexeLoki
2023-03-22 04:41:0444daf0f79a8c0f762378b5418a90d3b15925d4be8f35be293bc2ef657aee7078exeAgentTesla
2023-03-22 00:15:45140d4eba0a888ce6c948c02141b87249a2dfc7500d7072c1af38a117c3e2b009exeLoki
2023-03-21 10:31:05410ac5c6ae8518b18513c6ca3695e5099648f159f6365a604bc6026f55f28a04exeLoki
2023-03-14 19:33:07d9036202ba3ef094e1d76a4895b78542a774a58b9398157071e9f23280a2f5eaexeSnakeKeylogger
2023-03-14 19:33:053a0e48b59320e5d800ec6026993ee87ae2b61971d41b4dcb44d856ef1afaa958exeSnakeKeylogger
2023-03-08 23:18:13941433dc505291a29e0de2a538b9cde05b284f81ae55b458979e81daebdce17fexeAgentTesla
2023-03-08 21:09:06236ef5e6c521e97852b9b70fa11757ad408e21e3560bbe41d8f45701093b30c4exeAgentTesla
2023-03-08 21:09:052f158e546b8b058f09ca3ef1ca87a4d6d03c13b01ee6d2cf0eb9e2b308dd9c1bexeAgentTesla
2023-03-08 09:59:062f158e546b8b058f09ca3ef1ca87a4d6d03c13b01ee6d2cf0eb9e2b308dd9c1bexeAgentTesla
2023-03-07 14:00:09c7118fec7d8d5039bdddef1ca99be4a490a036a792cd65085c61814848667fe8exeAgentTesla
2023-03-07 14:00:093f92bf4694bf1f903d68a590a096f40b8d0f4df9a2545019c9f9cee086117b83exeSnakeKeylogger
2023-03-02 12:41:06887c8e284ad54742eb361493ef8614643521de5d2ee565afd258635b72dba2ccexeAgentTesla