URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: 195.20.16.46
Firstseen:2024-01-23 11:01:04 UTC
Total malware sites :16
Online malware sites :0 (0%)
Offline Malware sites :16 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2024-02-26 09:56:15http://195.20.16.46/download/123p.exeOfflineCoinMiner dropped-by-PrivateLoader Bitsight
2024-02-19 17:46:08http://195.20.16.46/ext/lockads.jpegOfflinedropped-by-PrivateLoader encrypted Bitsight
2024-02-13 11:51:05http://195.20.16.46/ext/askaibrowser.jpegOfflinedropped-by-PrivateLoader encrypted Bitsight
2024-02-09 09:43:05http://195.20.16.46/ext/videodown.jpegOfflinedropped-by-PrivateLoader encrypted Bitsight
2024-02-08 06:10:30http://195.20.16.46/ext/askusdaily.jpegOfflinedropped-by-PrivateLoader encrypted Bitsight
2024-02-08 06:10:29http://195.20.16.46/ext/horizontimez.jpegOfflinedropped-by-PrivateLoader encrypted Bitsight
2024-02-08 06:10:29http://195.20.16.46/ext/ksearches.jpegOfflinedropped-by-PrivateLoader encrypted Bitsight
2024-02-08 06:10:29http://195.20.16.46/ext/searchfz.jpegOfflinedropped-by-PrivateLoader encrypted Bitsight
2024-02-05 12:54:10http://195.20.16.46/download/RetailerRise.exeOfflineexe RiseProStealer vxvault
2024-01-23 12:30:15http://195.20.16.46/api/StealerClient_Cpp_1_3_1...Offline32 exe RiseProStealer zbetcheckin
2024-01-23 12:30:15http://195.20.16.46/api/StealerClient_Cpp_1_3.exeOffline32 exe RiseProStealer zbetcheckin
2024-01-23 12:30:14http://195.20.16.46/download/crypted_d786fd3e.exeOffline32 exe zbetcheckin
2024-01-23 12:30:14http://195.20.16.46/api/StealerClient_Sharp_1_4...Offline32 exe RiseProStealer zbetcheckin
2024-01-23 12:30:14http://195.20.16.46/api/StealerClient_Cpp.exeOffline32 exe RiseProStealer zbetcheckin
2024-01-23 12:30:14http://195.20.16.46/api/StealerClient_Cpp_1_4.exeOffline32 exe RiseProStealer zbetcheckin
2024-01-23 11:01:18http://195.20.16.46/download/gate3_64.exeOfflinedropped-by-SmokeLoader PrivateLoader PythonStealer Casperinous

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2024-03-24 16:11:02d0b06ca6ece3fef6671fa8acd3d560a9400891abcd10f5cedcfe7bd1e6050dfeexe CoinMiner
2024-03-24 16:10:59d0b06ca6ece3fef6671fa8acd3d560a9400891abcd10f5cedcfe7bd1e6050dfeexe CoinMiner
2024-03-19 09:20:08bd81aacc34212fdc8bd7f0788e850e8e95cca31db5906ca926eb505cec8fcb9dexeRiseProStealer
2024-03-18 13:04:58f6dddbe18895719a899361ec8b464d9277c8cbe0d4aa44427fe76a617f8a3e54exeRiseProStealer
2024-03-17 10:29:061fcc89ab9a743b0dc86aa49b88dbce141f6ff0f31d7db527d3b6273f8d370580exe  
2024-03-16 13:36:33cff865d27b4ded60ae4fe74bc49a8bb7dc37506f5c4c19980f713bb4c53b0eb8exeRiseProStealer
2024-03-15 14:13:474fdd72c2986c5d38adca6858fed74bf26c203a7619d1275b6e200d1c50295df4exe CoinMiner
2024-03-15 10:39:321096be85e27792ad45a0d085f4bd4036ba9cf5a98ca94dd41d4cfdce3dd10337exeRiseProStealer
2024-03-14 12:31:53d059f4d04c9b70923961d638dcbf9988e76becbb3aa246da9aa888c608ecfa8fexeRiseProStealer
2024-03-13 13:12:14061f1db2c04541a579d45391d950510fbefcb3a80536dfd445f0f076765f627fexeRiseProStealer
2024-03-12 14:31:17d73bf02e574fc907ee25a373379532da515a089511755756d4792016d4c0b0daexeRiseProStealer
2024-03-11 10:18:48db1477d1a129930f87b3d8e321d4080f279117c5dfc1864bcbda64eea893a12eexeRiseProStealer
2024-03-09 10:15:08550306b5d87aa15c9b4a21bfa0e3c9857d9b3ed07e3ce9af2184e63430f3ebb9exe  
2024-03-07 10:09:15dd4a1ee600fd5b07e35d0c6953feade254da969e2b96bdd765df6fbbc561110bexeRiseProStealer
2024-03-06 16:29:55aa764a761fd512c5f6240c23abfaf3f96249053e98f6d2c0d6a0753ea73abcb6exeRiseProStealer
2024-03-05 12:22:4733136dd64b2b82f5f35d250c41060e70eb9c0028cc9e93f61b4e1d32f0163c3cexe CoinMiner
2024-03-04 11:07:59b5412f8b22ca32abaf8cb82466be9bc9bff18978ce7e95da286132f9323493b7exe RiseProStealer
2024-03-03 08:16:312cd717fff22a6aa8c3a933e5ddef3c2380a8319049df1fb68c84bcc2282d27e0exe RiseProStealer
2024-02-26 10:15:4247786ac8269182bbed75a3762ad6552d7b7140950b3d4d7b52eeef01ba10d439exeCoinMiner
2024-02-26 09:56:1491868b664010d28ad8f47a53c4d5d77df66a3de7a5174aa684556a63e79ab0f9exeCoinMiner
2024-02-26 09:34:31c25a710cb692137bf2bfa758b4dd2bbcc3743c6eedff481581e16d4adbd9db53exeRiseProStealer
2024-02-24 09:26:22b9b8b4058e0cf7e9a9f8aac516026a587b84ce1612c244f3720de336d634f383exeRiseProStealer
2024-02-23 09:59:0426547eefc12ad433a0f06eb2fbc2cecb17b2d31166d5a106c78d2158e417a439exeRiseProStealer
2024-02-22 09:22:511732cdc9324383adf6f36c868312ea8eb023b50c121899e9ef101bb65010fc7eexeRiseProStealer
2024-02-21 09:45:16d4dd0ad08042d331b371efc97ee1e489fcb10020eb5612ba6a351bb1893a35ccexeRiseProStealer
2024-02-20 15:10:114f7aed014995fdbb666ed9773fef46800128929716862e2bb77e0eab7282e7ffexeRiseProStealer
2024-02-19 17:46:08982c1ddefad693e67602f4ef9c2116604b1119c81d36b4b8be4725a6afa0644fcrx  
2024-02-19 09:43:39a10d8066fd89c3c6568fde505a1c6c87f30ea927e92ceb1c387aa87cb3f8fb8dexeRiseProStealer
2024-02-18 13:07:2490acd520c0672a8d46d2b2c376ca6098f08137a7379f461a82acca27ab07fc96exeRiseProStealer
2024-02-16 16:54:1200d626937c00e5bb06c353f5724b53b80897de9df5789926c3403abc7ef723fbexeRiseProStealer
2024-02-15 11:03:231ba8ffaf9d90746deccc9a9d97fb6ffeea76fb222cd3e1afd8704032e1cf0badexeRiseProStealer
2024-02-14 09:04:5101fa5d9465ab9c7793cc728cc75bb80f3edbc98454c6d5694fe370463fce4c66exeRiseProStealer
2024-02-13 11:51:0559206c066783af0ff1db426be43991cfd71e0f54522c794dbef70cb6eff16156crx  
2024-02-10 10:09:08e426483523272b12ad20e3e8caae7c0e2a889266b0845cacbefa6ca5c7312388exeRiseProStealer
2024-02-09 09:43:0513bee5a0da2923efd6b6483ea925ea4b65359cc532dda5355d0395377e61ebefunknown  
2024-02-08 09:20:43932ecc04ecea3f864a5decb78562e8c7a2646b013d4476c6496df0a88f094c4eexeRiseProStealer
2024-02-08 06:10:307a4a455395e0c276f8bfc9e03e6ddba9130347825a0ab64e66ddffd4bcde725bcrx  
2024-02-08 06:10:294c87f5023609bacbd48125ea746e3fb23a086160d55ead03440599933daff9cfcrx  
2024-02-08 06:10:299550f78c473a66f29a2c61329a76ba02553110005e3143ca3f380d178517dfeecrx  
2024-02-08 06:10:29a5f6be51b251d9bfd00f10de24f9460f5615fa939a68680bcc256d6ec0f80894crx  
2024-02-06 11:10:5761405d360b3edf9d4a3c97d9fc49d0e86b4d869668e6eac3b2f3b98d3c45f325exeRiseProStealer
2024-02-05 12:54:104e4d4e52ad156dc7b32a4010134ba2b0fb56dea2d47c8bf562e5cc587a165faaexeRiseProStealer
2024-01-24 07:26:0225a45d1d37301ba257800b8a9dd504e2233a5f48a67b3622dad67d0a23fd70eaexe RiseProStealer
2024-01-24 07:19:284a29b32e33509dac8f19e77b6a103509d6c9efe3ff80a8bfa1558e8efb9bcf0bexe RiseProStealer
2024-01-23 14:07:5307fc70e17fc81a62cce3afd89755eb174e090bb3c0f170ea23a55ac7cdda1820exePrivateLoader
2024-01-23 12:30:15c1d48af0ef3b7447252cdaed5176d5db5926cdbc579b4d84268748277cd6b05dexeRiseProStealer
2024-01-23 12:30:15c0143c77d9bc39a7e6c58918f07a1309edc7d8d2148546e14b012e1a981a6bcdexeRiseProStealer
2024-01-23 12:30:1476c9a87296e68921fd2c0a6739a7b46676e6672780ef500d516251eea57c0084exeRiseProStealer
2024-01-23 12:30:14af947125dffad8ed43e2fed966c2f5565c17f9ca23ab94f161e2b6585076dfecexeRiseProStealer
2024-01-23 12:30:14dc69d387c548586370793e3271ec0db863eb2447404e4af94d3aee1b0fb1609cexeRiseProStealer
2024-01-23 12:30:14786feb7c36343b93848ba49429ff31aa25d587a5d443c8d079c39edbda8ee0d3exe 
2024-01-23 11:01:1739aab94eca342696e7fc88003d4266c8d8e50457c5e034556327ab7ba72cb38dexePythonStealer