URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	45.61.129.99
Firstseen:	2023-07-08 20:08:03 UTC
Total malware sites :	5
Online malware sites :	0 (0%)
Offline Malware sites :	5 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2023-07-08 20:08:05	45.61.129.99		Not listed	AS14956 ROUTERHOSTING	US	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2023-07-08 20:08:15	http://45.61.129.99:8080/888_IP_Crypter.exe	Offline		ULTRAFRAUD
2023-07-08 20:08:15	http://45.61.129.99:8080/XWorm_DNS_Crypter.exe	Offline		ULTRAFRAUD
2023-07-08 20:08:11	http://45.61.129.99:8080/888_DNS.exe	Offline		ULTRAFRAUD
2023-07-08 20:08:09	http://45.61.129.99:8080/888_IP.exe	Offline	Loda	ULTRAFRAUD
2023-07-08 20:08:07	http://45.61.129.99:8080/XWorm_DNS.exe	Offline	xworm	ULTRAFRAUD

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2023-07-08 20:08:15	216182df6e40cce8275bbc34ae724f835e6e857aab7cc179df55efefd99e5619	exe
2023-07-08 20:08:15	b5df131373e2480d28873f9a2df7d4eadf0020267d3300ef0d2e7f6e282226ed	exe
2023-07-08 20:08:10	c3b7125cfb532164ddfe038139fb7c09d4d31324084cd0ad4588e28650ac60ce	exe
2023-07-08 20:08:09	0a7f2ae4edd247e20d2c384ca6429c9c2e62e533967921db364e2959fbe3a12d	exe	Loda
2023-07-08 20:08:04	89c13d0d555824acb2e24f61d92fc6fb3dce46d6af5d1df86e683eb9c24eb3f0	exe	XWorm