URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | 45.93.20.34 |
|---|---|
| Firstseen: | 2025-12-11 15:26:07 UTC |
| Total malware sites : | 1 |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2025-12-11 15:36:14 | 45.93.20.34 | SBL690072 | AS57523 changway-as |  HK | yes |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2025-12-11 15:36:14 | http://45.93.20.34/UpdateScr.exe | Offline | exe Stealc |  abuse_ch |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2025-12-16 00:39:25 | 2b78e71a37454943ee8eca2133039ee30ae60d19840f19f3bd183f111959c940 | exe | Stealc | |
| 2025-12-13 18:28:58 | eadecfcd224b3d20b25754a99d239025c97c556df1f9f6789e6faa352c024407 | exe | Stealc | |
| 2025-12-12 17:15:13 | a3fc607bb0e65e1a28f72bb6cc8a7814d9b9da6f958e0becc27289a240ba564b | exe | Stealc | |
| 2025-12-12 06:27:16 | f50023166d780b6854ef84a1af2b3c6526877a78bf59290d4caf24ca1248149e | exe | ||
| 2025-12-11 15:36:12 | 97920d2ca396abe3d2f720f4a006436237753b53141b888a93c2624e899efd9f | exe | Stealc |