URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | 5.189.161.33 |
|---|---|
| Firstseen: | 2025-09-05 06:12:03 UTC |
| Total malware sites : | 4 |
| Online malware sites : | 0 (0%) |
| Offline Malware sites : | 4 (100%) |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2025-09-05 06:12:08 | 5.189.161.33 | vmi2774342.contaboserver.net | Not listed | AS51167 CONTABO |  FR | yes |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2025-09-05 06:13:06 | http://5.189.161.33/data/01.zip | Offline |  s1dhy | |
| 2025-09-05 06:12:18 | http://5.189.161.33/data/setup.exe | Offline | Stealc | s1dhy |
| 2025-09-05 06:12:10 | http://5.189.161.33/data/data.exe | Offline | s1dhy | |
| 2025-09-05 06:12:08 | http://5.189.161.33/data/go1.zip | Offline | s1dhy |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2025-09-05 06:13:06 | 7e8b69b37cd9f7c0cec4df1d39d1434737124111c227f25d4422544a1a0bc8f4 | zip | ||
| 2025-09-05 06:12:17 | a81e17ccf971da0699a08df991d99b433aed6431b660b2010cfc6e41288c8abe | exe | Stealc | |
| 2025-09-05 06:12:10 | 2d55dd55ed7bc12e9eeb1ef36035e05c8bc41c45b01af0fbc57a366d27834e2b | exe | ||
| 2025-09-05 06:12:08 | 3040d520ec41f9f695c286069e7be61c27e7cc2c497f1b6046b96c39ddf4a2eb | zip |