URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | 66.179.210.19 |
|---|---|
| Firstseen: | 2025-02-11 18:36:03 UTC |
| Total malware sites : | 9 |
| Online malware sites : | 0 (0%) |
| Offline Malware sites : | 9 (100%) |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2025-02-11 18:36:05 | 66.179.210.19 | ip66-179-210-19.pbiaas.com | Not listed | AS8560 IONOS-AS |  US | yes |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2025-02-12 20:06:05 | http://66.179.210.19/78/sweety/swee/createdbest... | Offline | RemcosRAT  |  Riordz |
| 2025-02-12 20:06:03 | http://66.179.210.19/525/seethebestthingsaround... | Offline | Riordz | |
| 2025-02-12 19:49:07 | http://66.179.210.19/78/createdbestthingswithbe... | Offline | rat RemcosRAT rev-base64-loader |  abuse_ch |
| 2025-02-12 19:49:05 | http://66.179.210.19/78/createdbestthingswithbe... | Offline | rat RemcosRAT | abuse_ch |
| 2025-02-12 19:18:04 | http://66.179.210.19/78/sweety/createdbestthing... | Offline | hta RemcosRAT | Riordz |
| 2025-02-11 19:06:04 | http://66.179.210.19/xampp/mpo/verynicekinggood... | Offline | AgentTesla hta | abuse_ch |
| 2025-02-11 18:36:05 | http://66.179.210.19/525/sithaa/seethebestthing... | Offline | hta RemcosRAT | abuse_ch |
| 2025-02-11 18:36:05 | http://66.179.210.19/525/sithaa/sth/seethebestt... | Offline | doc RemcosRAT | abuse_ch |
| 2025-02-11 18:36:05 | http://66.179.210.19/525/seethebestthingsaround... | Offline | abuse_ch |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2025-02-12 20:06:05 | f5a27e59dfac3afb073fe8ca6680a075e91442a707e5c3ca0bc4f7dcfb870e1f | rtf | RemcosRAT | |
| 2025-02-12 19:49:07 | 81cb151128ca784119c32fdf5dfcf7ed21f9608d0d70df8183c6f068821cf3b5 | txt | RemcosRAT | |
| 2025-02-12 19:49:05 | b3b2720ea2c5243f79f6a899d4321707d5addb9fc54205474b2b638754bcdd86 | txt | ||
| 2025-02-12 19:18:04 | 8b1b3e1f69d6d339e2b77e1610457544b1774eb184b53b490d37e17667c4dd68 | hta | RemcosRAT | |
| 2025-02-11 19:06:04 | bbbdab73b98874120d9204bb47beb47b7601d4e02d3c67a456217a10849acdbd | hta | AgentTesla | |
| 2025-02-11 18:36:05 | 3feaf09cd2a54a70cbac8be7a9bf1aa1d36a55fc59ecd0cb9710f561858af876 | rtf | RemcosRAT | |
| 2025-02-11 18:36:05 | bcfa3738c8ed2c5689d955cea5aa79cde6a3eaa7ee3a345003bcbf77804d23de | txt | ||
| 2025-02-11 18:36:04 | d56acfccb8d17dbd4d1f2796ee28af6a7e9d14c4a99ff71c63aeafe759848e86 | hta | RemcosRAT |