URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	192.3.122.133
Firstseen:	2021-08-31 18:30:03 UTC
Total malware sites :	5
Online malware sites :	0 (0%)
Offline Malware sites :	5 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2021-08-31 18:30:05	192.3.122.133	relamusa.com	Not listed	AS36352 AS-COLOCROSSING	US	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-08-15 15:54:07	http://192.3.122.133/450/vbc.exe	Offline	exe Formbook opendir	abuse_ch
2022-08-12 14:54:05	http://192.3.122.133/300/vbc.exe	Offline	32 exe Formbook	zbetcheckin
2022-08-11 08:53:05	http://192.3.122.133/250/vbc.exe	Offline	exe Formbook opendir	abuse_ch
2021-08-31 19:37:05	http://192.3.122.133/dube/win101.exe	Offline	32 exe Formbook	zbetcheckin
2021-08-31 18:30:05	http://192.3.122.133/Pman/win767.exe	Offline	exe opendir	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2022-08-15 15:54:07	5c60ec93028885f6319a52ad6ae0d4eaa08cec6a82cf8c7c62d7a060341a77a8	exe	Formbook
2022-08-12 14:54:05	31e1689f5f0b5e52bca7bcb63aaa565c4e3239ac16386bef523365b1fc24f306	exe	Formbook
2022-08-11 13:37:35	8aa19f667123d092441538094fe3d6bda467a6a12ce60ba3b8ef9a17f5c185b3	exe	Formbook
2022-08-11 08:53:05	6e294639b9e9dec345a4b9bdeb29bd5695ea2d84e0fa88633ece9e7e88ad2bb4	exe	Formbook
2021-08-31 19:37:05	e4057c502b44a15299baee076824199bd52a1b0cc89c10d6638cb31dcddaafac	exe	Formbook
2021-08-31 18:30:05	39bceabd43cf3472c7d45aed5ebf68ed44b0aa83cad61b4b1d7a57038b17f200	exe