URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	198.46.174.139
Firstseen:	2024-07-23 06:43:04 UTC
Total malware sites :	19
Online malware sites :	0 (0%)
Offline Malware sites :	19 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2024-07-23 06:43:06	198.46.174.139	198-46-174-139-host.colocrossing.com	Not listed	AS36352 AS-COLOCROSSING	US	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2024-08-13 14:51:06	https://198.46.174.139/60/regasm.exe	Offline	exe opendir SnakeKeylogger	NDA0E
2024-08-13 14:51:06	https://198.46.174.139/95/wahost.exe	Offline	exe opendir SnakeKeylogger	NDA0E
2024-08-13 14:51:05	https://198.46.174.139/50/regasm.exe	Offline	exe opendir SnakeKeylogger	NDA0E
2024-08-13 07:01:05	https://198.46.174.139/xampp/gbh/creatednewthin...	Offline	doc SnakeKeylogger	NDA0E
2024-08-13 06:56:07	https://198.46.174.139/94/wahost.exe	Offline	exe opendir SnakeKeylogger	NDA0E
2024-08-07 18:47:11	http://198.46.174.139/95/wahost.exe	Offline	exe opendir SnakeKeylogger	abus3reports
2024-08-07 18:47:08	http://198.46.174.139/60/regasm.exe	Offline	exe opendir SnakeKeylogger	abus3reports
2024-08-07 18:47:08	http://198.46.174.139/50/regasm.exe	Offline	exe opendir SnakeKeylogger	abus3reports
2024-08-01 04:47:06	http://198.46.174.139/94/wahost.exe	Offline	exe opendir SnakeKeylogger	NDA0E
2024-08-01 04:03:06	http://198.46.174.139/xampp/gbh/creatednewthing...	Offline	doc RTF SnakeKeylogger	zbetcheckin
2024-07-26 05:07:06	http://198.46.174.139/71/winiti.exe	Offline	AgentTesla exe opendir	NDA0E
2024-07-26 04:38:05	http://198.46.174.139/xampp/ezm/ez/somethinggre...	Offline	AgentTesla doc RTF	zbetcheckin
2024-07-25 04:51:06	http://198.46.174.139/55/winiti.exe	Offline	32 AgentTesla exe opendir	zbetcheckin
2024-07-24 13:10:09	http://198.46.174.139/xampp/bnc/verygoodthingst...	Offline	doc SnakeKeylogger	dms1899
2024-07-24 04:20:07	http://198.46.174.139/xampp/bnc/bn/verygoodthin...	Offline	AgentTesla doc RTF	zbetcheckin
2024-07-23 16:22:06	http://198.46.174.139/66066/winiti.exe	Offline	exe opendir SnakeKeylogger	RacWatchin8872
2024-07-23 16:22:06	http://198.46.174.139/41/winiti.exe	Offline	exe opendir SnakeKeylogger	RacWatchin8872
2024-07-23 06:43:06	http://198.46.174.139/xampp/uhb/uh/wethkingwear...	Offline	AgentTesla doc	abuse_ch
2024-07-23 06:43:06	http://198.46.174.139/66077/winiti.exe	Offline	AgentTesla exe Formbook opendir	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2024-08-13 14:51:06	5f569c72db9c31528daf2e907938b9bb711ea3a050efe5bf5d514dc962c5415c	exe	SnakeKeylogger
2024-08-13 14:51:06	850752cfce58c44ce5d48735f4d53ccc1f8d12b7e1ae00d367d9c42103d9ad99	exe	SnakeKeylogger
2024-08-13 14:51:05	e93063292dbb2c3209541ea13e57d0cca3225f35eb18977d2b3400a97255a49d	exe	SnakeKeylogger
2024-08-13 07:01:05	edd08eab5b1a7403c18ae7a7f8f3d757e85a856121c4e0b83ddd043596ed6cd4	rtf	SnakeKeylogger
2024-08-13 06:56:07	ec48091b8b9cc09fd9d73415078622d8b3c5fb2de818caa20814a43b1d1c14c7	exe	SnakeKeylogger
2024-08-07 18:47:11	850752cfce58c44ce5d48735f4d53ccc1f8d12b7e1ae00d367d9c42103d9ad99	exe	SnakeKeylogger
2024-08-07 18:47:08	5f569c72db9c31528daf2e907938b9bb711ea3a050efe5bf5d514dc962c5415c	exe	SnakeKeylogger
2024-08-07 18:47:08	e93063292dbb2c3209541ea13e57d0cca3225f35eb18977d2b3400a97255a49d	exe	SnakeKeylogger
2024-08-01 04:47:06	ec48091b8b9cc09fd9d73415078622d8b3c5fb2de818caa20814a43b1d1c14c7	exe	SnakeKeylogger
2024-08-01 04:03:06	edd08eab5b1a7403c18ae7a7f8f3d757e85a856121c4e0b83ddd043596ed6cd4	rtf	SnakeKeylogger
2024-07-26 05:07:06	33647cf1d7ba05386d44a608a94979925883f8e8c0e5f63b3f2e7ffdc7380461	exe	AgentTesla
2024-07-26 04:38:05	a74f7219f672e155f20c501b9285630b07e70922c058fa3713c29012b8cbdb8c	rtf	AgentTesla
2024-07-25 04:51:06	d987e88da6ca8f62cea95a075325a66e645ea856364eea63ddbcbd5e5a72b7c8	exe	AgentTesla
2024-07-24 13:10:09	44f91a4273c63cb7e0cf0dbad2c21ba5461780c5b821904148d5a4ab2bfdf81a	rtf	SnakeKeylogger
2024-07-24 09:54:35	078910e6360ee0588d569bdfb08de83fc36fd67d954577627806c44a0f11e85a	exe	Formbook
2024-07-24 04:20:07	53f52ed185f98283e220bcd59a64d7f3eb93b544fa04f16768f3a2707f43ac11	rtf	AgentTesla
2024-07-23 22:00:14	5d73e29724c66578b8d7cbe1288cabc6531ac1c312183d8325a24f399d3695f0	exe	AgentTesla
2024-07-23 16:22:06	b829184aab1ccfb16a446d25d7c522ba5e4bf7870747352c64756d71c6c3e5d7	exe	SnakeKeylogger
2024-07-23 16:22:06	11265a19b4c7d55db31b96517d864e52780a9475de3346e15eb39e0b1199f14e	exe	SnakeKeylogger
2024-07-23 09:33:00	df3325fba80354987645e107d3166cfe0b97c56818903e42bb938ce6bff6675c	exe	Formbook
2024-07-23 06:43:06	ece7fdf1d8fc9fe3edd6f538a8f3ca98576a41d7be00061618ee5af9ee7c3231	rtf	AgentTesla
2024-07-23 06:43:06	79c33f8a4caad1ef7a4af4ecd6719210ceee458fa1e811b8dc94d9d8d4114a23	exe	Formbook