URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | 198.46.178.192 |
|---|---|
| Firstseen: | 2024-11-11 16:51:04 UTC |
| Total malware sites : | 11 |
| Online malware sites : | 0 (0%) |
| Offline Malware sites : | 11 (100%) |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2024-11-11 16:51:10 | 198.46.178.192 | 198-46-178-192-host.colocrossing.com | Not listed | AS36352 AS-COLOCROSSING |  US | yes |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2024-12-04 12:49:09 | 059cd2547aa7869e42db01e6b2ef95ac7cd4022be605582649135cd8a2319602 | hta | RemcosRAT | |
| 2024-12-04 12:02:07 | 059cd2547aa7869e42db01e6b2ef95ac7cd4022be605582649135cd8a2319602 | hta | RemcosRAT | |
| 2024-11-26 08:13:08 | 70576f474296d70ab1182339945255eeed65d7f5e8b71b153a56b9e2c0478ec5 | hta | RemcosRAT | |
| 2024-11-13 07:24:06 | ff98902753abefb76884fc6fa5fa34f389b215ad9a447bf434624f097f12ad57 | hta | RemcosRAT | |
| 2024-11-11 16:51:09 | c2de3056a60ef2333b3e4532593a69f279ecfa2002460801978b2e618aaa77bc | txt | RemcosRAT | |
| 2024-11-11 16:51:07 | 134d52fbb53944f8d09eb33663c83f406e5fa15996afe1bb7e95eeef99298821 | hta | RemcosRAT |