URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2024-11-01 20:32:07	144.217.96.196	r1.a1center.net	Not listed	AS16276 OVH	CA	yes

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2024-11-01 20:32:09	http://fiestagrandefm.com/ss/100pcs.exe	Offline	RemcosRAT	abus3reports
2024-11-01 20:32:09	http://fiestagrandefm.com/ss/PASSWORDRECOVERY32...	Offline		abus3reports
2024-11-01 20:32:07	http://fiestagrandefm.com/ss/bb.exe	Offline	DarkVisionRAT	abus3reports
2024-11-01 20:32:07	http://fiestagrandefm.com/ss/PASSWORDRECOVERY64...	Offline		abus3reports

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2024-11-17 07:29:20	0793c3a294f6ae12289036c9894254d6553313bfd3322d1ac2672e7312c9c50b	exe
2024-11-17 06:55:00	cf30c55ec1f1083d8cc3fb4204e29ec50b39788a3c7c561d8d0ab2a9cba86336	exe
2024-11-04 05:11:37	37c9a9c6634bafc3bb63394857bdb97cdef0925bb44e5d55a6eeb92b0116be2f	exe
2024-11-04 03:37:55	0090524f9ff3e0245f80837e5b221714f025694f7647eebe58504c5064561b43	exe
2024-11-01 20:32:09	b4b6159351045ef04f9ba6321722c1c1fd920eac7a3799665d2663775edfa84d	exe		RemcosRAT
2024-11-01 20:32:09	9e06b00783c1ae75cbf04e99817a677439b12e266ff6b9158484dac2d8f73dad	exe
2024-11-01 20:32:07	ccb058d87e0b36a4707237da61542397228f48434616320d0f77d67e6ac82a26	exe		DarkVisionRAT
2024-11-01 20:32:07	aaa8ee28de147d75c7e751656975c5ae998a8ab6a153388d7eca7d0c46cf80ad	exe