URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | 64.225.61.173 |
|---|---|
| Firstseen: | 2025-01-18 23:21:03 UTC |
| Total malware sites : | 10 |
| Online malware sites : | 0 (0%) |
| Offline Malware sites : | 10 (100%) |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2025-01-18 23:21:06 | 64.225.61.173 | Not listed | AS14061 DIGITALOCEAN-ASN |  US | yes |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2025-02-24 15:11:07 | http://64.225.61.173:81/iox | Offline | elf hacktool iox opendir proxy |  skocherhan |
| 2025-02-23 20:04:05 | http://64.225.61.173:81/123.exe | Offline | exe hacktool opendir |  NDA0E |
| 2025-02-23 20:04:04 | http://64.225.61.173:81/iox.exe | Offline | exe hacktool iox opendir proxy | NDA0E |
| 2025-02-23 20:03:03 | http://64.225.61.173:81/neo.php | Offline | opendir php webshell | NDA0E |
| 2025-02-23 20:02:07 | http://64.225.61.173:81/files.zip | Offline | exe hacktool iox opendir proxy | NDA0E |
| 2025-02-23 20:01:03 | http://64.225.61.173:81/tcp_windows_amd64.exe | Offline | exe opendir | NDA0E |
| 2025-02-23 20:01:02 | http://64.225.61.173:81/tcp_linux_amd64 | Offline | elf opendir | NDA0E |
| 2025-02-23 20:00:05 | http://64.225.61.173:81/Win32.zip | Offline | hacktool mimikatz opendir zip | NDA0E |
| 2025-02-23 20:00:04 | http://64.225.61.173:81/Win322.1.zip | Offline | hacktool mimikatz opendir zip | NDA0E |
| 2025-01-18 23:21:06 | http://64.225.61.173/02.08.2022.exe | Offline | CobaltStrike  shellcode |  DaveLikesMalwre |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2025-02-24 15:11:07 | 5bef1edbff008d4fe5c253b7c0b6721ef45261d441d682e40ef882d4b66699f1 | elf | ||
| 2025-02-23 20:04:05 | 22ef29d989b832bcebd3dbe7e2bbf9255093fc8d6aac0dd4cb0db184ee8acca3 | exe | ||
| 2025-02-23 20:04:04 | c6cf82919b809967d9d90ea73772a8aa1c1eb3bc59252d977500f64f1a0d6731 | exe | ||
| 2025-02-23 20:02:06 | c6cf82919b809967d9d90ea73772a8aa1c1eb3bc59252d977500f64f1a0d6731 | exe | ||
| 2025-02-23 20:01:02 | adb05f67558ac69a98dc946a677bef2e6c509b14694368bc2d6e60245b5e2fc2 | elf | ||
| 2025-02-23 20:01:02 | d027858db60106f36cdfebd87fce4f4882f79efdbc878b4793e47a02663560d4 | exe | ||
| 2025-02-23 20:00:05 | 3b7db637f394b36fc18267f4f9043826d77d907453cb41790d489813866bc847 | zip | MimiKatz | |
| 2025-02-23 20:00:04 | fa6ca18ab33ce5d76d5224cf30ef4e1e840330734ad61ca15c00b23db4d8568b | zip | MimiKatz | |
| 2025-01-18 23:21:05 | 6a69ce78dc7a698c682ac0470dfe5eb71d2fb3b833b8e9af06aa5c79eff535d9 | unknown |