URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: 94.156.161.167
Firstseen:2023-08-06 09:02:06 UTC
Total malware sites :44
Online malware sites :0 (0%)
Offline Malware sites :44 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2023-08-06 09:04:20 94.156.161.167Not listedAS201183 voiptelitalia- ITyes

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2023-10-31 06:34:05http://94.156.161.167/JDS.vbsOfflineAgentTesla ext CVE-2017-11882 vbs adm1n_usa32
2023-10-31 06:34:05http://94.156.161.167/HRE.vbsOfflineAgentTesla ext CVE-2017-11882 vbs adm1n_usa32
2023-10-31 06:34:05http://94.156.161.167/MSS.vbsOfflineAgentTesla ext CVE-2017-11882 vbs adm1n_usa32
2023-10-09 20:12:16http://94.156.161.167/tl/ig5443.txtOfflineAgentTesla ext James_inthe_box
2023-10-09 14:09:42http://94.156.161.167/tl/eg6667.txtOfflineAgentTesla ext James_inthe_box
2023-10-09 13:49:05http://94.156.161.167/EXX.vbsOfflineAgentTesla ext Loader James_inthe_box
2023-10-02 13:24:44http://94.156.161.167/tl/ed6543.txtOfflineAgentTesla ext James_inthe_box
2023-09-29 16:37:42http://94.156.161.167/tl/lu47821.txtOfflineAgentTesla ext James_inthe_box
2023-09-29 16:32:05http://94.156.161.167/LUG.vbsOfflineAgentTesla ext dropper James_inthe_box
2023-09-27 13:33:08http://94.156.161.167/tl/ly4893.txtOfflineAgentTesla ext James_inthe_box
2023-09-20 15:35:06http://94.156.161.167/GWA.vbsOfflineAgentTesla ext vbs abuse_ch
2023-09-20 15:31:06http://94.156.161.167/HVD.vbsOfflineAgentTesla ext vbs abuse_ch
2023-09-20 13:43:10http://94.156.161.167/tl/hg5323.txtOfflineAgentTesla ext James_inthe_box
2023-09-19 21:06:29http://94.156.161.167/tl/iz8596.txtOfflineAgentTesla ext James_inthe_box
2023-09-18 11:26:04http://94.156.161.167/UDG.vbsOfflineAnonymous
2023-09-16 07:07:05http://94.156.161.167/HNL.vbsOfflineAgentTesla ext ascii vbs abuse_ch
2023-09-15 15:23:24http://94.156.161.167/tl/ch63469.txtOfflineAgentTesla ext James_inthe_box
2023-09-15 06:39:05http://94.156.161.167/KGT.vbsOfflineAgentTesla ext vbs abuse_ch
2023-09-15 06:38:04http://94.156.161.167/UDH.vbsOfflineAgentTesla ext vbs abuse_ch
2023-08-31 13:35:10http://94.156.161.167/HWX.vbsOfflineAgentTesla ext dropper James_inthe_box
2023-08-31 13:35:10http://94.156.161.167/tl/luq98.txtOfflineAgentTesla ext James_inthe_box
2023-08-24 14:11:24http://94.156.161.167/tl/ed432.txtOfflineAgenttelsa ext James_inthe_box
2023-08-24 14:11:23http://94.156.161.167/ESL.vbsOfflineAgentTesla ext dropper James_inthe_box
2023-08-21 09:54:34http://94.156.161.167/tl/li21.txtOffline JAMESWT_MHT
2023-08-21 09:35:07http://94.156.161.167/LBK.vbsOfflineAgentTesla ext JAMESWT_MHT
2023-08-18 19:35:34http://94.156.161.167/EHJ.vbsOfflineAgentTesla ext dropper James_inthe_box
2023-08-18 19:35:34http://94.156.161.167/tl/er33.txtOfflineAgentTesla ext James_inthe_box
2023-08-17 13:29:08http://94.156.161.167/tl/ha88.txtOfflineAgentTesla ext James_inthe_box
2023-08-17 13:29:08http://94.156.161.167/HVS.vbsOfflineAgentTesla ext dropper James_inthe_box
2023-08-15 13:59:29http://94.156.161.167/tl/ert09.txtOfflineAgentTesla ext James_inthe_box
2023-08-14 13:51:40http://94.156.161.167/tl/ehj219.txtOfflineAgentTesla ext James_inthe_box
2023-08-14 13:45:10http://94.156.161.167/EGK.vbsOfflineAgentTesla ext dropper James_inthe_box
2023-08-10 18:55:29http://94.156.161.167/tl/izs45.txtOfflineAgentTesla ext James_inthe_box
2023-08-10 18:50:07http://94.156.161.167/IFB.vbsOfflineAgentTesla ext dropper James_inthe_box
2023-08-09 18:03:05http://94.156.161.167/HGG.vbsOfflineascii vbs abuse_ch
2023-08-09 18:01:06http://94.156.161.167/HYY.vbsOfflineAgentTesla ext ascii vbs abuse_ch
2023-08-09 18:00:10http://94.156.161.167/MSK.vbsOfflineascii vbs abuse_ch
2023-08-09 18:00:10http://94.156.161.167/JHB.vbsOfflineascii vbs abuse_ch
2023-08-09 17:43:17http://94.156.161.167/tl/ewq178.txtOfflineascii Encoded abuse_ch
2023-08-08 13:42:06http://94.156.161.167/EDH.vbsOfflineAgentTesla ext ascii vbs abuse_ch
2023-08-08 13:42:05http://94.156.161.167/EWW.vbsOfflinevbs abuse_ch
2023-08-08 13:41:05http://94.156.161.167/WQO.vbsOfflinevbs abuse_ch
2023-08-06 09:04:20http://94.156.161.167/HSS.vbsOfflineAgentTesla ext ascii vbs abuse_ch
2023-08-06 09:04:20http://94.156.161.167/tl/haa22.txtOfflineAgentTesla ext ascii Encoded abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2023-10-31 06:34:05f3f7dff00ae17fb0044043a1e7f792bf8047ffa80020bf4099bcbdeee2be3245unknownAgentTesla
2023-10-31 06:34:05ed894c41caf24ca689f2155ce7ce263ad06b4662830a25fb8ec25271ffb49184unknownAgentTesla
2023-10-31 06:34:05917f30ee59de50efe5fc8d75c7efd730a79adc56587b4be1b40e5e77628a4c25unknownAgentTesla
2023-10-09 20:12:166919a76f3195831e723369fc33bc336423703ec73f039ecddc8af9442c1a33e3unknown  
2023-10-09 14:09:42400cb57d07c36ce90927c301e68c78b5c7dccfcf42d3d4caee6123c5f4d97c1eunknown  
2023-10-09 13:49:05ea995ab98439bc4ce6209707650964576c98ad11cd270351d4fbb5d0076bc40funknownAgentTesla
2023-10-02 13:24:44400cb57d07c36ce90927c301e68c78b5c7dccfcf42d3d4caee6123c5f4d97c1eunknown  
2023-10-01 23:21:53f2fac6bb286b51c88235dd930943b3ad364778d4ed065e76eb2170db225f041bunknown  
2023-09-29 16:37:4201679480a2019561dc10aaa3b0e19e060bcf11a0ff755d189dcd4ba1a4d7f7aeunknown 
2023-09-29 16:32:05357892eae7b1f63bbb3b803f5e1a72772e8cd4e1375ad013cd766b821ea4f2d7unknownAgentTesla
2023-09-27 13:33:0801679480a2019561dc10aaa3b0e19e060bcf11a0ff755d189dcd4ba1a4d7f7aeunknown 
2023-09-20 23:17:03f502bc1dab00e8964dc487cb554a40a10ae3348086f42ebfd12d978850e6a40dunknown  
2023-09-20 15:35:063b4bdc3082032bb19dc547cfbf9a64ebb6436af544fe6210e36c82275b483e35unknown  
2023-09-20 15:31:0659a21410a7c7902a8f1f1b7114699d2ebbf63f2793ff30caae74fd214fc3e91funknownAgentTesla
2023-09-20 13:43:10e67ad85c35f71a9b80fad378b3cd59d338dd1c6af74d6c715b578f0b451ddc91unknown  
2023-09-20 00:35:475198d74686df011563d9e603e2cebf8a66ca4fad268ed5f0eb460b211f095309unknown  
2023-09-19 21:06:296919a76f3195831e723369fc33bc336423703ec73f039ecddc8af9442c1a33e3unknown  
2023-09-18 23:57:065b401ed8d3f6be5537678459c9e61f921cec6d5fb0149d59a77b0a3c6f354e22unknown  
2023-09-18 11:26:0439b7feb9f703e62d31194a1d1c8b0af638e208e6ed66a573bede67fc23c48d34unknown  
2023-09-16 07:07:057cb918f3affdc8b4652d94657e829712ff462456311b851c33ffd3252b740a3eunknown  
2023-09-15 15:23:2401679480a2019561dc10aaa3b0e19e060bcf11a0ff755d189dcd4ba1a4d7f7aeunknown 
2023-09-15 06:39:05f94e28fa8b373c14cc602c450c650422100c00789b2f848797de7fc45bc7aecaunknown  
2023-09-15 06:38:04762deb62e3a9980e646f132f914ec3cfb4213c48a6a7fd3c451051e7edda8798unknown  
2023-08-31 13:35:1026176205211fdce7ad34cf10d72f178f1646e913e368f0f5bcc325e5428a69ccunknownAgentTesla
2023-08-31 13:35:10e67ad85c35f71a9b80fad378b3cd59d338dd1c6af74d6c715b578f0b451ddc91unknown  
2023-08-24 14:11:24400cb57d07c36ce90927c301e68c78b5c7dccfcf42d3d4caee6123c5f4d97c1eunknown  
2023-08-24 14:11:23f2688472718a5b0be3b64d7eb647620e18bf5ced25c01bba5e02c54cb9fb07bfunknownAgentTesla
2023-08-21 09:54:3401679480a2019561dc10aaa3b0e19e060bcf11a0ff755d189dcd4ba1a4d7f7aeunknown 
2023-08-21 09:35:07cc0ff94435a883b461d26716d636619c6c670e6e574a2f58ad76f5c1f6de5d40unknownAgentTesla
2023-08-18 19:35:345fae7963422c008476f909d056af0c5436eee0266bba7f4ddb42584324cc6c3cunknownAgentTesla
2023-08-18 19:35:34400cb57d07c36ce90927c301e68c78b5c7dccfcf42d3d4caee6123c5f4d97c1eunknown  
2023-08-17 13:29:08e67ad85c35f71a9b80fad378b3cd59d338dd1c6af74d6c715b578f0b451ddc91unknown  
2023-08-17 13:29:07be153a4036bff7a16febb0821fa79f035bfaed137c0c2a999fcd33e04859a7cfunknownAgentTesla
2023-08-17 10:43:394d3c502f0f65fe269254e1088479d6585a951256972bbe147afff2eec5b39612unknown  
2023-08-15 13:59:29400cb57d07c36ce90927c301e68c78b5c7dccfcf42d3d4caee6123c5f4d97c1eunknown  
2023-08-14 23:52:5160c6242057a2ed2a102be819922a807139becf6b1cda2fa9eeed873fc6320623unknownAgentTesla
2023-08-14 14:48:4286658a7462d380aeba2a776c10aac0c0f968caed09f7a379d6fc9b7617090f05unknown  
2023-08-14 14:48:22d31a6a774c6013736f7ce80b1043943301db7f69224ae53ef0cbefc3df1a50eeunknown  
2023-08-14 13:51:40400cb57d07c36ce90927c301e68c78b5c7dccfcf42d3d4caee6123c5f4d97c1eunknown  
2023-08-14 13:45:09a06f443a1ca6cbaf9e8cd3a2ff0e7ec0d982d654709e952fc68621450926c509unknownAgentTesla
2023-08-13 22:57:00cc26f921ef34cc23e300664898249637bcc101bb21d84e38b6413600856f498funknown  
2023-08-11 10:45:13f07ac8ef5867661946ec9ec78146da73fda84530a99f301617be3a1098ee22c4unknown  
2023-08-11 00:14:40f4ecab2c13931ce264695aeedef4d7cd75b03a68d3eaeb21ac063067b37b9c5bunknown  
2023-08-10 18:55:286919a76f3195831e723369fc33bc336423703ec73f039ecddc8af9442c1a33e3unknown  
2023-08-10 18:50:07b9a72ccaad2c22150062d59d79744e1ab3aa5a106aa0837bdde9e05ccb39c91eunknownAgentTesla
2023-08-09 22:30:59f867d0536d9eb653f0717a253abf98434106ad7763a115620ccf90d37126d680unknown  
2023-08-09 22:07:2425d7192ddd90ba0a4ef9de9a9bed58e777fdee8fe7403a0403d673c6bdc66f21unknown  
2023-08-09 18:03:048aca5216ec4f2024d7b4382e82f7402d5aa6d3fd24743b6b6fb033154ddbe9deunknown  
2023-08-09 18:01:0684fa54115b55bbf6f4c1c5a91b7878bdd70c09be1d66f29464910de941891253unknown  
2023-08-09 18:00:10cb37d35163b285713896b47f22aa63e9ce74d9d53552ff04308379897175bbe2unknown  
2023-08-09 18:00:103a398f4dabf6acb4f0ba3db4343454e772d24cd688135ed07a7fd73036c5c385unknown  
2023-08-09 17:43:17400cb57d07c36ce90927c301e68c78b5c7dccfcf42d3d4caee6123c5f4d97c1eunknown  
2023-08-08 13:42:06d1feda287249dc562cb50bf9fe7a09ac4b34aaef7366f9f99c7450d3de5251a7unknownAgentTesla
2023-08-08 13:42:052dc4aa9e5bddc97e380bfa20e2d686e1e8f82331d6cfbd7eaefc1246c1570477unknown  
2023-08-08 13:41:05d76ee72d1c5a36ab92265242f2eba99bfee9c749de5f4c3aa2bb6ce2b3785351unknown  
2023-08-06 09:04:2002ae7c8b52ac55cd6f3d4b6afc242c9409b5f51bf586d246bbe2dfa8e3116718unknown  
2023-08-06 09:04:20e67ad85c35f71a9b80fad378b3cd59d338dd1c6af74d6c715b578f0b451ddc91unknown