URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: 23.94.148.100
Firstseen:2023-02-21 13:27:03 UTC
Total malware sites :6
Online malware sites :0 (0%)
Offline Malware sites :6 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2023-02-21 13:27:11 23.94.148.10023-94-148-100-host.colocrossing.comNot listedAS36352 AS-COLOCROSSING- USyes

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2023-02-24 13:51:06http://23.94.148.100/9015/vbc.exeOfflineAgentTesla ext exe opendir abuse_ch
2023-02-23 01:12:05http://23.94.148.100/2324/vbc.exeOffline32 exe SnakeKeylogger ext zbetcheckin
2023-02-22 10:48:04http://23.94.148.100/O-OO.DOCOfflineAgentTesla ext RTF zbetcheckin
2023-02-22 10:24:03http://23.94.148.100/451/vbc.exeOfflineAgentTesla ext exe opendir abuse_ch
2023-02-22 10:01:04http://23.94.148.100/324/vbc.exeOfflineexe abuse_ch
2023-02-21 13:27:11http://23.94.148.100/450/vbc.exeOfflineAgentTesla ext Anonymous

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2023-02-24 13:51:06b531b9a7a424d41fe022f7f4a31aa7f764e8d0bc33793b9d271a8b5f90ac9378exeAgentTesla
2023-02-23 01:12:0526b651e58c2f3327e4bb8f994047e77bb3c4a9a9b821ffa3d6e5c61ddfc6408eexeSnakeKeylogger
2023-02-22 10:48:0468b3b4b4b491482f3c44e62d6b3863b5f4aeedb9608a6c27e4eeac44f8a375e3rtfAgentTesla
2023-02-21 13:27:05d975348bc9e2938f9bbb8f8c96f20cbc74c0241ef9e0847a853233fd962f73faexeAgentTesla