URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	196.251.117.34
Firstseen:	2025-09-25 08:40:05 UTC
Total malware sites :	19
Online malware sites :	0 (0%)
Offline Malware sites :	19 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2025-09-29 14:22:06	http://196.251.117.34/home/foreign.ps1	Offline	AgentTesla ascii opendir powershell ps1	abuse_ch
2025-09-29 14:22:06	http://196.251.117.34/home/test.ps1	Offline	ascii opendir powershell ps1	abuse_ch
2025-09-29 14:22:06	http://196.251.117.34/home/origin.exe	Offline	AgentTesla exe opendir	abuse_ch
2025-09-29 14:22:06	http://196.251.117.34/home/test.exe	Offline	exe opendir	abuse_ch
2025-09-29 14:20:08	http://196.251.117.34/home/airforce.ps1	Offline	AgentTesla opendir powershell ps1	abuse_ch
2025-09-28 10:31:18	http://196.251.117.34/home/Server_Unencrypted.ps2	Offline	opendir	BlinkzSec
2025-09-28 10:31:18	http://196.251.117.34/home/south.ps1	Offline	Formbook opendir	BlinkzSec
2025-09-28 10:31:10	http://196.251.117.34/home/neww2.ps1	Offline	opendir	BlinkzSec
2025-09-28 10:31:10	http://196.251.117.34/home/testted.ps1	Offline	opendir	BlinkzSec
2025-09-28 10:31:08	http://196.251.117.34/home/new.ps1	Offline	opendir	BlinkzSec
2025-09-28 10:31:07	http://196.251.117.34/home/h20remcos.ps1	Offline	opendir RemcosRAT	BlinkzSec
2025-09-28 10:31:07	http://196.251.117.34/home/Server_Plain.ps1	Offline	AsyncRAT opendir	BlinkzSec
2025-09-28 10:31:07	http://196.251.117.34/home/ObfuscatedScript.vbe	Offline	opendir	BlinkzSec
2025-09-27 11:04:06	http://196.251.117.34/home/mex.ps1	Offline	AgentTesla	abus3reports
2025-09-27 11:04:06	http://196.251.117.34/home/FOREIGN.zip	Offline		abus3reports
2025-09-25 08:40:21	http://196.251.117.34/home/IAN.zip	Offline		abuse_ch
2025-09-25 08:40:21	http://196.251.117.34/home/YAM.zip	Offline		abuse_ch
2025-09-25 08:40:21	http://196.251.117.34/home/KAYWISE.zip	Offline		abuse_ch
2025-09-25 08:40:21	http://196.251.117.34/home/AIRFORCE.zip	Offline		abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2025-09-29 14:22:06	69458eef1fae50bc72a0d7676b9c3112d2fee1fb4e67f1359ad5a62229b0581b	txt	AgentTesla
2025-09-29 14:22:06	e3673e26d50d2f4b11ff76407cdf36ed2a90d2e40e627cbd6c01181add46c5f4	txt
2025-09-29 14:22:06	f7ec2c9703f551dda92a7c043b302c5bab26a4f91683f94cdfe789b54b5a9437	exe	AgentTesla
2025-09-29 14:22:06	03e9d2fdf7abacf2aab5d76fd7a0f42e0cda206598f87b63dd462c9fbe8ceb05	exe
2025-09-29 14:20:07	dc146767f3d7a3d04186a6f04956e7acde1fbbfc3eaa11aaa87bf4fedb372ad7	ps1	AgentTesla
2025-09-28 10:31:18	5b9cebbe44b3edc9ead76a2e266feeb9e3e1c161cbabdd8429efb9b5ff79e477	ps1
2025-09-28 10:31:18	617fe3238bc5fa85c7621a6aa1ff24322f64a10a4bfd2118a9307bc2189fbad3	txt	Formbook
2025-09-28 10:31:10	b44db3b0dfdb193089e28b7b6f8d7bfb466652c7bebe874f721438d70cc7c799	ps1
2025-09-28 10:31:10	2553ba1ab62107f83e6991754da920bc656813aff1ab0ba45978085019f2ae56	txt
2025-09-28 10:31:08	bf5ab435e2a7474e304ad084aaf2f193ae2dcf8eeccf528923b214504d488fad	txt
2025-09-28 10:31:07	203e23dcaed7dbea1bbcd1e4db1e9db14590d50216f9d78263485a3fbe6558b8	ps1	RemcosRAT
2025-09-28 10:31:07	d857f1f90892fc5aa31772b94db5ffaa2e2aaabe69e46ee0d3031845280b6ff6	txt	AsyncRAT
2025-09-28 10:31:07	d84d25101b112963374cc83a4c987d649049db110e21dea007910b75e44d168b	txt
2025-09-27 11:04:06	423a871af5667d3274ac64a89554f0f03194488e19fcd92a29384db4ad37a468	txt	AgentTesla
2025-09-27 11:04:06	3dbb3859102624276892046b30dee3a3fd6f8c25efa5c5c908a3ac4c98a843db	zip
2025-09-25 15:49:40	f94019de7b96404426f23740b382daca2d40dcd22e812b521061a9acf43f7005	zip
2025-09-25 15:32:37	9b838faf4d1b2df1c7b1d3321062ddede083771eb9fe0cc627c1e7336191b384	zip
2025-09-25 15:29:42	cf87147ac779197d89c0cb45fb1f9b72183b3728eba3cdeb46787263b16f4843	zip
2025-09-25 15:23:30	e94f523804cb8f26af2e1bb0e4a81a0f04f6419477108de7f3b14ca3b8954c16	zip