URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	192.3.108.47
Firstseen:	2023-08-25 12:15:07 UTC
Total malware sites :	24
Online malware sites :	0 (0%)
Offline Malware sites :	24 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2023-08-25 12:15:07	192.3.108.47	192-3-108-47-host.colocrossing.com	Not listed	AS36352 AS-COLOCROSSING	US	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2023-10-17 11:03:07	http://192.3.108.47/iso/bh.txt	Offline	AgentTesla ascii Encoded	abuse_ch
2023-10-17 11:03:06	http://192.3.108.47/iso/audiodgse.vbs	Offline	ascii opendir vbs	abuse_ch
2023-10-17 11:03:05	http://192.3.108.47/iso/HTMLcache.dOC	Offline	AgentTesla doc opendir	abuse_ch
2023-10-17 10:57:07	http://192.3.108.47/2114/UBC.txt	Offline	AgentTesla ascii Encoded opendir	abuse_ch
2023-10-17 10:57:05	http://192.3.108.47/2114/HTMLcache.doc	Offline	doc opendir	abuse_ch
2023-10-17 10:57:05	http://192.3.108.47/2114/FF/RBLnetwork.vbs	Offline	AgentTesla ascii opendir vbs	abuse_ch
2023-09-20 16:57:04	http://192.3.108.47/214/2/TiWorker.hta	Offline	hta opendir	abuse_ch
2023-09-20 16:57:03	http://192.3.108.47/214/1/TiWorker.hta	Offline	hta opendir	abuse_ch
2023-09-18 15:32:06	http://192.3.108.47/399/4/TiWorker.hta	Offline	Formbook hta	abuse_ch
2023-09-12 15:21:05	http://192.3.108.47/365/1/MD.hta	Offline		Anonymous
2023-09-12 10:51:05	http://192.3.108.47/350/1/acrobat.hta	Offline		Anonymous
2023-09-10 08:54:06	http://192.3.108.47/CLT/1/NetHash.exe	Offline	32 exe RemcosRAT	zbetcheckin
2023-09-07 06:37:06	http://192.3.108.47/Msoffice/SecurityHealthSyst...	Offline	exe rat RemcosRAT	abuse_ch
2023-09-06 05:54:04	http://192.3.108.47/cache/doc/SHP_09887677878.hta	Offline		abuse_ch
2023-09-05 05:01:06	http://192.3.108.47/0988/1/Rersv.mp4	Offline		abuse_ch
2023-09-05 05:01:06	http://192.3.108.47/0988/1/Ceodlifv.vdf	Offline		abuse_ch
2023-09-05 05:01:06	http://192.3.108.47/0988/update.exe	Offline	AgentTesla	abuse_ch
2023-09-05 05:01:05	http://192.3.108.47/0988/doc/	Offline		abuse_ch
2023-09-05 05:01:04	http://192.3.108.47/0988/doc/O0O0O0O0O0000o0000...	Offline		abuse_ch
2023-09-04 16:23:04	http://192.3.108.47/0988/doc/O0O0O0O0O0000o0000...	Offline		abuse_ch
2023-09-04 16:22:07	http://192.3.108.47/0988/sun/SUN.txt	Offline	AgentTesla ascii Encoded opendir	abuse_ch
2023-09-04 16:22:06	http://192.3.108.47/0988/sun/update.hta	Offline	hta opendir	abuse_ch
2023-09-04 16:22:05	http://192.3.108.47/0988/sun/docu_o090099.url	Offline	opendir url	abuse_ch
2023-08-25 12:15:07	http://192.3.108.47/9800/2/IE_NETWORK.hta	Offline	hta	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2023-10-17 15:43:53	1b3308c54635f350179b3433d84feb310ec5244b4b9ec2d3db643ae9f456c426	unknown
2023-10-17 15:22:54	6e9292737f8e01bfac06f2e75ef3d4c438b3d210e4258f8f7697cd7f3528cd79	txt	AgentTesla
2023-10-17 11:03:07	441f082ada98156762af16e3ec47c3abd14a56e7860597d947f4471ac8299438	txt	AgentTesla
2023-10-17 11:03:06	e391dadc6989c43965e8c8b39f20f3913b0c25830e6866202a5b94822639b2a8	unknown
2023-10-17 11:03:05	e56c0a41cf8d509d930b8268a55cf9d2b6de0e59ed663ccb5d9b2054e7b87f7d	unknown
2023-10-17 10:57:07	c86c95aba296dec771dc1572323137d713a18259a333b3b4488d31bad3f13229	txt	AgentTesla
2023-10-17 10:57:05	680d726a58dc8a3c2623cbf09f57657317827295a6119966e61e762aa3b7917d	unknown
2023-10-17 10:57:05	347875cc16e6fac52191df237fe6dabfc656af0ef5c68d07a7b39a28b23db32e	unknown
2023-09-18 15:32:06	d6b0ff46a400677e3bfc9bbe37016956b448be70e4272e63f5b04dabcc3870e0	unknown
2023-09-13 07:52:17	b0b2ea1b9346644aee4f83ae8048f9783c10167a31063bdb9dbe5a93e517bb3b	unknown
2023-09-12 15:21:05	14c4ac3817dbaebe3c5565a7d3f6d75313b75a96797348ec5f757f61f05bd39b	unknown
2023-09-12 10:51:05	6792bfe2e086d1367fa55d2383f17a7ce0e5ce446ffa33752a3020eb0c3ed483	unknown
2023-09-10 08:54:06	ea9723cd4dfeb319cedc75c0dd4cb5fa326b995580aee939085780092aafcda9	exe	RemcosRAT
2023-09-07 06:37:06	456f09b71ed09cbc590f6a3b8d5aacc7f0fb94521d8b19b80d2a201e5f73b5a0	exe	RemcosRAT
2023-09-05 07:12:57	7d2dd9e8f8db2cfe41fd911dd4077134775db457beedb4788283e28d29837b6b	txt	AgentTesla
2023-09-05 06:58:09	e2b8cb6bc030a022aa9659801f7a14f03ade0a6dbffe1efe4cfede21f30b2f40	unknown
2023-09-05 05:01:06	638b264c5e67bc143ab63c76c7c727522b980889a4a5a9e4c0472655abb4713b	unknown
2023-09-05 05:01:06	69a4d343fbad07e93bcba1211de308c084a5f6fadc33093cd97942f8c893a669	unknown
2023-09-05 05:01:06	2edff05ec390a6401bd10b06cdf197a69c7c4deebf0df4d9ef667eb6e68c667a	exe	AgentTesla
2023-09-05 05:00:47	c45d4f16f1969eba9d3fa8f15b9f56e1e2f5da63e3c0e32be79c99f806cad5f4	unknown
2023-09-05 04:13:40	5beb62bc6a5ccedf0fca2bed737e2036f8c905c380d976d88666ee6c987b1efb	txt	AgentTesla
2023-09-04 16:23:04	90728679b009a7ce5004cec1be37f1ebe449db7a992ddb764305c4ef1e76c4b3	unknown
2023-09-04 16:22:07	085627b7cf9bc306aa266e9305a77ee0a76dfb7cfee5affb59f76267a08f6833	txt
2023-09-04 16:22:06	3432646c92bf80a7a836fae3b13c50262dde0bdf302ebcbad95630203f5bed51	unknown