URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	3.35.217.223
Firstseen:	2021-06-22 14:50:03 UTC
Total malware sites :	4
Online malware sites :	0 (0%)
Offline Malware sites :	4 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2021-06-22 14:50:08	3.35.217.223	ec2-3-35-217-223.ap-northeast-2.compute.amazonaws.com	Not listed	AS16509 AMAZON-02	KR	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2021-06-22 19:18:08	http://3.35.217.223/cce/vbc.exe	Offline	32 exe RemcosRAT	zbetcheckin
2021-06-22 14:51:38	http://3.35.217.223/www/vbc-09.exe	Offline	AgentTesla exe opendir	abuse_ch
2021-06-22 14:51:25	http://3.35.217.223/www/vbc.exe	Offline	AgentTesla exe opendir	abuse_ch
2021-06-22 14:50:08	http://3.35.217.223/ben/vbc.exe	Offline	exe Formbook opendir	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2021-06-22 19:18:08	f198970271e10830bafa86eccc5ce43e5075a15ed43f4e1924d0e8e0824f218b	exe	RemcosRAT
2021-06-22 14:51:38	b513d295799e49ac96d6cbaf60b01a37bf17571d5227ba3ad9c88b1b2abc29c4	exe	AgentTesla
2021-06-22 14:51:25	03e797d9d53541df85281fa1cea248e9fa2bf9d47a6db87afc02c68142eff52f	exe	AgentTesla
2021-06-22 14:50:08	4a0213993ce19c9637f964ed47e3e3b95ec5303b62583bde1751bd187037f2d2	exe	Formbook