URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	195.16.44.75
Firstseen:	2026-02-23 07:12:03 UTC
Total malware sites :	57
Online malware sites :	47 (82%)
Offline Malware sites :	10 (18%)
Newest active malware site :	2026-02-23 07:13:14 UTC
Oldest active malware site :	2026-02-23 07:12:11 UTC (Age: 13 hours, 13 minutes)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2026-02-23 07:12:06	195.16.44.75		Not listed	AS3216 SOVAM-AS	RU	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2026-02-23 07:13:14	http://195.16.44.75:8080/wp.exe	Online	opendir	juroots
2026-02-23 07:13:12	http://195.16.44.75:8080/update	Online	opendir	juroots
2026-02-23 07:13:11	http://195.16.44.75:8080/revshell.exe	Online	opendir	juroots
2026-02-23 07:13:11	http://195.16.44.75:8080/SweetPotato.exe	Online	opendir	juroots
2026-02-23 07:13:11	http://195.16.44.75:8080/revshell.hta	Online	opendir	juroots
2026-02-23 07:13:11	http://195.16.44.75:8080/Rubeus.exe	Online	opendir Rubeus	juroots
2026-02-23 07:13:11	http://195.16.44.75:8080/ps_payload.doc	Online	Metasploit opendir	juroots
2026-02-23 07:13:10	http://195.16.44.75:8080/runascs/RunasCs_net2.exe	Online	opendir	juroots
2026-02-23 07:13:10	http://195.16.44.75:8080/vpn_config.doc	Online	Metasploit opendir	juroots
2026-02-23 07:13:10	http://195.16.44.75:8080/update5555.doc	Online	Metasploit opendir	juroots
2026-02-23 07:13:10	http://195.16.44.75:8080/SharpRDP.exe	Online	opendir	juroots
2026-02-23 07:13:10	http://195.16.44.75:8080/rev5555.odt	Online	opendir	juroots
2026-02-23 07:13:10	http://195.16.44.75:8080/urgent_update.doc	Online	Metasploit opendir	juroots
2026-02-23 07:13:10	http://195.16.44.75:8080/SpoolFool.exe	Online	opendir	juroots
2026-02-23 07:13:10	http://195.16.44.75:8080/PrintSpoofer.exe	Online	opendir	juroots
2026-02-23 07:13:10	http://195.16.44.75:8080/runascs/RunasCs.exe	Online	opendir	juroots
2026-02-23 07:13:10	http://195.16.44.75:8080/sc64.bin	Online	opendir	juroots
2026-02-23 07:13:10	http://195.16.44.75:8080/update.doc	Online	Metasploit opendir	juroots
2026-02-23 07:13:10	http://195.16.44.75:8080/x64_payload.doc	Online	Metasploit opendir	juroots
2026-02-23 07:13:10	http://195.16.44.75:8080/shell5555.doc	Online	Metasploit opendir	juroots
2026-02-23 07:13:10	http://195.16.44.75:8080/revshell.doc	Online	Metasploit opendir	juroots
2026-02-23 07:13:10	http://195.16.44.75:8080/rev.ps1	Online	opendir	juroots
2026-02-23 07:13:09	http://195.16.44.75:8080/rev64.exe	Online	meterpreter opendir	juroots
2026-02-23 07:13:08	http://195.16.44.75:8080/update.exe	Online	AdaptixC2 opendir	juroots
2026-02-23 07:13:07	http://195.16.44.75:8080/PetitPotam.py	Offline	opendir	juroots
2026-02-23 07:13:06	http://195.16.44.75:8080/revshell.vbs	Offline	opendir	juroots
2026-02-23 07:13:06	http://195.16.44.75:8080/poly.gif	Offline	opendir	juroots
2026-02-23 07:13:06	http://195.16.44.75:8080/write_and_run.ps1	Offline	opendir	juroots
2026-02-23 07:13:05	http://195.16.44.75:8080/poly.jpg	Offline	opendir	juroots
2026-02-23 07:12:20	http://195.16.44.75:8080/LaZagne.exe	Online	Lazagne opendir	juroots
2026-02-23 07:12:20	http://195.16.44.75:8080/chisel.exe	Online	Hive opendir	juroots
2026-02-23 07:12:17	http://195.16.44.75:8080/KrbRelayUp.exe	Online	opendir Rubeus	juroots
2026-02-23 07:12:17	http://195.16.44.75:8080/DavRelayUp.exe	Online	mimikatz opendir	juroots
2026-02-23 07:12:16	http://195.16.44.75:8080/GodPotato.exe	Online	opendir	juroots
2026-02-23 07:12:16	http://195.16.44.75:8080/COMahawk64.exe	Online	opendir	juroots
2026-02-23 07:12:16	http://195.16.44.75:8080/follina_payload.doc	Online	Metasploit opendir	juroots
2026-02-23 07:12:16	http://195.16.44.75:8080/beacon.exe	Online	AdaptixC2 opendir	juroots
2026-02-23 07:12:16	http://195.16.44.75:8080/dde_payload.docx	Online	opendir	juroots
2026-02-23 07:12:14	http://195.16.44.75:8080/DavRelayUp2.exe	Online	opendir Rubeus	juroots
2026-02-23 07:12:13	http://195.16.44.75:8080/phish_final.doc	Online	Metasploit opendir	juroots
2026-02-23 07:12:13	http://195.16.44.75:8080/JuicyPotatoNG.exe	Online	opendir	juroots
2026-02-23 07:12:13	http://195.16.44.75:8080/go2.doc	Online	Metasploit opendir	juroots
2026-02-23 07:12:13	http://195.16.44.75:8080/LocalPotato.exe	Online	opendir	juroots
2026-02-23 07:12:13	http://195.16.44.75:8080/final.doc	Online	Metasploit opendir	juroots
2026-02-23 07:12:13	http://195.16.44.75:8080/patch_update.doc	Online	Metasploit opendir	juroots
2026-02-23 07:12:13	http://195.16.44.75:8080/cmd_patch.doc	Online	Metasploit opendir	juroots
2026-02-23 07:12:13	http://195.16.44.75:8080/agent.exe	Online	AdaptixC2 opendir	juroots
2026-02-23 07:12:13	http://195.16.44.75:8080/dde_payload.doc	Online	opendir	juroots
2026-02-23 07:12:13	http://195.16.44.75:8080/Inveigh.exe	Online	opendir	juroots
2026-02-23 07:12:12	http://195.16.44.75:8080/doc3.doc	Online	Metasploit opendir	juroots
2026-02-23 07:12:12	http://195.16.44.75:8080/payload.vba	Offline	opendir	juroots
2026-02-23 07:12:12	http://195.16.44.75:8080/follina.doc	Online	Metasploit opendir	juroots
2026-02-23 07:12:11	http://195.16.44.75:8080/go_update.doc	Online	Metasploit opendir	juroots
2026-02-23 07:12:08	http://195.16.44.75:8080/custom_macro.vba	Offline	opendir	juroots
2026-02-23 07:12:08	http://195.16.44.75:8080/cve-2022-21907.py	Offline	opendir	juroots
2026-02-23 07:12:07	http://195.16.44.75:8080/create_doc.py	Offline	opendir	juroots
2026-02-23 07:12:06	http://195.16.44.75:8080/CVE-2021-40449_poc.e	Offline	opendir	juroots

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2026-02-23 07:13:14	7945f9ccf7c2261a5741b5d4102b8909d48976f047e673190914127faa21092d	exe
2026-02-23 07:13:12	158d62312ab502f4f574f151ca10559880bbc5f5d9ec3b981b32cb2e4ab0efa7	elf
2026-02-23 07:13:11	02654237367ed430ea7b7e3a8bd49fb161fa5e4649d3ccd43f63fa49c4afeffe	exe
2026-02-23 07:13:11	287f87db7206d01932a38c7971c3b658e5e2fc932dff378c18bff88e215338b1	exe	SweetPotato
2026-02-23 07:13:11	1a13844fde7e03e38b594ed0fb6c9aa99143e3d6c2ddf266b6969e1f2661121f	hta
2026-02-23 07:13:10	9779b841a22ca39777f4230bdc3a8b0bc9cfe5a4f34c232c3c22ece2c38cb44b	doc	Metasploit
2026-02-23 07:13:10	0f188a5741c7753b90d4e51b6096541e018abfb3db33d502d718ccc29f89e98b	doc	Metasploit
2026-02-23 07:13:10	071207d36467fe346209d513ffa7366491479b6af4592d5ed43efdbf6007dbbe	doc	Metasploit
2026-02-23 07:13:10	237e360ee95e03d3d287c1efda0abcb8557b897336f6abe7863015642a985e3a	exe
2026-02-23 07:13:10	0e77dee10295621df8ec4ea11373d83f18743fa40c52a6950b54089f911467bb	unknown
2026-02-23 07:13:10	3399333d5145ba202fb5fcddad2ce46ecc9f63d357f9490d62a5d49fad112884	doc	Metasploit
2026-02-23 07:13:10	c0a7a797f39b509fd2d895b5731e79b57b350b85b20be5a51c0a1bda19321bd0	exe
2026-02-23 07:13:10	8524fbc0d73e711e69d60c64f1f1b7bef35c986705880643dd4d5e17779e586d	exe
2026-02-23 07:13:10	29955ba1e2193047ee5f4561445f81e218ae4de1a295f8fd296ad536bf381f17	exe
2026-02-23 07:13:10	0ea02bb8dac24d72cee8d5fcac3e65c4f809dde226071ac273fbbd4a060ff4c8	exe
2026-02-23 07:13:10	a4c7d6d5445243f3c8d4154bba3f22e746335d8e9815c2e0c5f572ff1e4cd938	unknown
2026-02-23 07:13:10	1c8e8efb28bc86ddce2049fbedf4a76b5c3a50f63ae49066f4e8d9efa5d8bbac	unknown	Metasploit
2026-02-23 07:13:10	c4aed35c30c862c466e504ab4c0ebec8fb4c9a84e24ca02378378fb1693d1caf	doc	Metasploit
2026-02-23 07:13:10	78e22cf4ce317530bbefe5017b16423aa99bb949543ca905e983a1fd1b84fa9c	doc	Metasploit
2026-02-23 07:13:10	2e119708b87f8ce7ea54dac6b87a5f6dceb9566d2edaaf5805bfce4ec0df85ff	txt
2026-02-23 07:13:10	828a03e1a219dae9c5fc45dd92139cc6063dc01b3db7ae557aaf57ab9eabd80c	unknown	Metasploit
2026-02-23 07:13:10	214be0aae0079be975055752faa13143c003d70655b8c5917fb84ca8f7ad9837	exe	Rubeus
2026-02-23 07:13:09	4da6fe90bd0c2ba8f7bf419991cc1f86762c9a23fb9bc24f581b9d8050320a09	exe	Meterpreter
2026-02-23 07:13:08	0e7d48636d29a59361c13d60dcc16aff14a0e0b16f8a1dd346825a8b139e0ef7	exe	AdaptixC2
2026-02-23 07:12:20	3cc5ee93a9ba1fc57389705283b760c8bd61f35e9398bbfa3210e2becf6d4b05	exe	LaZagne
2026-02-23 07:12:20	8a99353662ccae117d2bb22efd8c43d7169060450be413af763e8ad7522d2451	exe	Ransomware.Hive
2026-02-23 07:12:17	a84d2731983b2f9765bdc2048d1108aa69c7d926bbb57a6cea60de7d3002de1b	exe	Rubeus
2026-02-23 07:12:17	ebd21ac4ac71e466c1441dd998895dc5f9567d3ca999a30762f6028dfc59b4d5	exe	MimiKatz
2026-02-23 07:12:16	9a8e9d587b570d4074f1c8317b163aa8d0c566efd88f294d9d85bc7776352a28	exe
2026-02-23 07:12:16	85bd47cc708f80a3e9aebc5948404017053eec1c316f2c3b527011f19597ab1f	exe
2026-02-23 07:12:16	d372d58a85364bdce80030573a91c3a51d1e06b238e973cf66e31ae1c4c2360c	zip	Metasploit
2026-02-23 07:12:16	0e7d48636d29a59361c13d60dcc16aff14a0e0b16f8a1dd346825a8b139e0ef7	exe	AdaptixC2
2026-02-23 07:12:16	02ec371868f200a73be422bad4762884f6aec9932550b9a344db25d7a8f32ccc	unknown
2026-02-23 07:12:13	a2bafb5367ea1de0349c20bd59c95ab5143a174c7deeecf1c6bbb012bcd6bcbb	exe
2026-02-23 07:12:13	9818172dd6c8550a50ba902ec59300f68f8caa8afcbd585d2d7a60353668159d	doc	Metasploit
2026-02-23 07:12:13	513a2bbd8758003f748f097a852cbfdfba2b65191db3463cffd2663f13f6da68	doc	Metasploit
2026-02-23 07:12:13	071207d36467fe346209d513ffa7366491479b6af4592d5ed43efdbf6007dbbe	doc	Metasploit
2026-02-23 07:12:13	0e7d48636d29a59361c13d60dcc16aff14a0e0b16f8a1dd346825a8b139e0ef7	exe	AdaptixC2
2026-02-23 07:12:13	02ec371868f200a73be422bad4762884f6aec9932550b9a344db25d7a8f32ccc	unknown
2026-02-23 07:12:13	84b24071b0229e189f03bc643027a63c582b02f6e96e82d730e12793cfcd9abb	exe	Rubeus
2026-02-23 07:12:12	cfbe6716fd8a4a39a17c9e7bbfe3e3baf48252d44bd4dcc91f77ebed5ae9c5f1	doc	Metasploit
2026-02-23 07:12:12	3cc739bb1882fc9dbb056f39ebe4965771aeca0ceb44e85da39d1ba7dade693f	exe	SweetPotato
2026-02-23 07:12:12	558bb6eb15dcac4cff35a953b35bd6b067df71db3d36c7b6f29f7f82fcd73fb8	doc	Metasploit
2026-02-23 07:12:12	602dbcf4008c585582d5e5d5c8ddb1932fdee07a14308e9cbf937904f31df1f7	exe
2026-02-23 07:12:12	d49b1a337270ff054da831cd3fe657c4fb885f51d0ab4aadb7fa2788bae29fa7	doc	Metasploit
2026-02-23 07:12:12	7047dedb4a79f06667afc7107cd2ae57e7a34d65af6d1e9c418b74e9207a7638	zip	Metasploit
2026-02-23 07:12:11	7dc57e2042ca79bf1b5bdaad3640dd59140c947968721d12cbaec59682d4746a	doc	Metasploit