URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: 45.93.20.151
Firstseen:2026-01-23 17:45:05 UTC
Total malware sites :4
Online malware sites :4 (100%)
Offline Malware sites :0 (0%)
Newest active malware site :2026-01-25 10:35:07 UTC
Oldest active malware site :2026-01-23 17:45:07 UTC (Age: 2 days, 2 hours, 32 minutes)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2026-01-23 17:45:07 45.93.20.151SBL690072AS57523 changway-as- HKyes

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2026-01-25 10:35:07http://45.93.20.151/xopbs.exeOnlinedropped-by-amadey e3db0b RedLineStealer ext Bitsight
2026-01-23 23:02:07http://45.93.20.151/Installer.exeOnlinedropped-by-Stealc Stealc zobpx Bitsight
2026-01-23 20:34:06http://45.93.20.151/rkcvo.exeOnlineb80777 dropped-by-amadey Bitsight
2026-01-23 17:45:07http://45.93.20.151/Bot.exeOnlinedropped-by-amadey e3db0b tinynuke ext Bitsight

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2026-01-25 10:35:07870e41eb597ca0cfa7bf5dc29166e4383aa9f4e973912364e13735a94fce8a44exeRedLineStealer
2026-01-23 23:02:07bed6af9ba6758303763a09b019dee3c61dcc3a5bbd3af631bcdbcf74b63f23c0exeStealc
2026-01-23 20:34:067154afc5565dbef677de80392a33ec4c5445ddba524f21d25133983639658888exe 
2026-01-23 17:45:07d22d60c754eb0bd1625d28dd7efaf4ca85fc034132831e9ece586f6c67bb5989exeTinyNuke