URLhaus Database

You are currently viewing the URLhaus database entry for http://45.95.169.115/it.sh which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	1733367
URL:	http://45.95.169.115/it.sh
URL Status:	Offline
Host:	45.95.169.115
Date added:	2021-10-31 21:23:11 UTC
Last online:	2021-11-22 20:XX:XX UTC
Threat:	Malware download
Reporter:	Petras_Simeon
Abuse complaint sent (?):	Yes (2021-10-31 21:24:36 UTC to abuse{at}maxko[dot]org)
Takedown time:	21 days, 23 hours, 21 minutes (down since 2021-11-22 20:46:26 UTC)
Tags:	Mozi

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT
2021-11-20	n/a	unknown	6bda4c03552abb3f509d2b7beb573cfe041516ed146445d60e19fdfb12b7596c	n/a
2021-11-20	n/a	unknown	f7b95d3c76702cae7d94f8694a56aa5afab4b71cab1200e6bd196c9ff6ea1774	n/a
2021-11-11	n/a	unknown	ef6cc4756d36b459349f0d6799fef1a6c07c4d972f6520dbe18c560968645607	38.60%
2021-11-06	n/a	unknown	4b0c3ea76547bdf8908d83f2dd7d1dcfad5b789cc91eca6d1d1a6b49ad2a5160	n/a
2021-11-06	n/a	unknown	30510f0f6f0980b80ef983a55b2e5e16c2c0e20f6c5ff2a53c87e3e3af2bf83d	n/a
2021-11-03	n/a	unknown	bab347a42f839ab868919d3b2200b31d977bf7cb06eb748c0a0a54ec8868d24d	n/a
2021-10-31	n/a	unknown	f0be1776e4532ea83ac95f8d311daa7e5b95bea2ff5e97486710a367dbe20ed3	n/a