URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (when the malware URL is hosted directly on an IP address and doesn't use a domain name).

Database Entry


Host: 45.200.149.75
Firstseen: 2024-08-27 04:40:05 UTC
Total malware sites: 18
Online malware sites: 0 (0%)
Offline malware sites: 18 (100%)

IP addresses


The table below shows all IP addresses observed for this particular host (if the host is a domain name, all A records are listed, including all historical ones). Please note that the output is limited to 10 entries.

| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2024-08-27 04:40:06 | 45.200.149.75 | | Not listed | AS11404 AS-WAVE-1 | US | yes |

Malware URLs


The table below shows all malware URLs that are associated with this particular host.

| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2024-12-04 18:41:06 | http://45.200.149.75/kjsusa6 | Offline | elf mirai ext ua-wget | ClearlyNotB |
| 2024-12-04 18:40:26 | http://45.200.149.75/test | Offline | elf mirai ext ua-wget | ClearlyNotB |
| 2024-12-04 18:40:24 | http://45.200.149.75/vqsjh4 | Offline | elf mirai ext ua-wget | ClearlyNotB |
| 2024-12-04 18:40:23 | http://45.200.149.75/wriww68k | Offline | elf mirai ext ua-wget | ClearlyNotB |
| 2024-12-04 18:40:22 | http://45.200.149.75/vwkjebwi686 | Offline | elf mirai ext ua-wget | ClearlyNotB |
| 2024-12-04 18:40:21 | http://45.200.149.75/wheiuwa4 | Offline | elf mirai ext ua-wget | ClearlyNotB |
| 2024-12-04 18:40:15 | http://45.200.149.75/vsbeps | Offline | elf mirai ext ua-wget | ClearlyNotB |
| 2024-12-04 18:40:15 | http://45.200.149.75/qkehusl | Offline | elf mirai ext ua-wget | ClearlyNotB |
| 2024-12-04 18:40:15 | http://45.200.149.75/dwhdbg | Offline | elf mirai ext ua-wget | ClearlyNotB |
| 2024-12-04 18:40:14 | http://45.200.149.75/vkjqpc | Offline | elf mirai ext ua-wget | ClearlyNotB |
| 2024-12-04 18:40:14 | http://45.200.149.75/dvwkja7 | Offline | elf mirai ext ua-wget | ClearlyNotB |
| 2024-09-11 10:38:05 | http://45.200.149.75/simulators/RJAiIfJiuZUcHqp... | Offline | doc VIPKeylogger | NDA0E |
| 2024-09-06 07:34:07 | http://45.200.149.75/simulators/BroyVyVPFAbkbpg... | Offline | exe Formbook ext | abuse_ch |
| 2024-08-27 15:28:05 | http://45.200.149.75/simulators/thrylPXnvfySmGN... | Offline | exe rat RemcosRAT ext | abuse_ch |
| 2024-08-27 15:28:05 | http://45.200.149.75/simulators/thrylPXnvfySmGN... | Offline | doc rat RemcosRAT ext | abuse_ch |
| 2024-08-27 13:51:05 | http://45.200.149.75/simulators/JLiiddebMDWNbcv... | Offline | exe rat RemcosRAT ext | abuse_ch |

The table below shows recent payloads delivered by this host.
