URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	107.172.13.131
Firstseen:	2021-10-06 08:31:03 UTC
Total malware sites :	14
Online malware sites :	0 (0%)
Offline Malware sites :	14 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2021-10-06 08:31:05	107.172.13.131	107-172-13-131-host.colocrossing.com	Not listed	AS36352 AS-COLOCROSSING	US	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2021-10-27 12:05:05	http://107.172.13.131/0092/vbc.exe	Offline	exe Neshta opendir	abuse_ch
2021-10-26 12:59:04	http://107.172.13.131/0091/vbc.exe	Offline	exe Formbook Neshta opendir	abuse_ch
2021-10-21 08:43:04	http://107.172.13.131/00550055/vbc.exe	Offline	exe Formbook GuLoader opendir	abuse_ch
2021-10-21 08:43:04	http://107.172.13.131/00770077/vbc.exe	Offline	exe GuLoader opendir RemcosRAT	abuse_ch
2021-10-18 11:28:03	http://107.172.13.131/00066000/vbc.exe	Offline	exe GuLoader opendir RemcosRAT	abuse_ch
2021-10-18 09:21:04	http://107.172.13.131/00055000/vbc.exe	Offline	exe GuLoader opendir	abuse_ch
2021-10-14 11:07:04	http://107.172.13.131/005005/vbc.exe	Offline	exe GuLoader opendir	abuse_ch
2021-10-14 11:06:05	http://107.172.13.131/0050000/vbc.exe	Offline	exe GuLoader opendir	abuse_ch
2021-10-14 09:48:03	http://107.172.13.131/0020000/vbc.exe	Offline	GuLoader	ps66uk
2021-10-14 09:13:04	http://107.172.13.131/004004/vbc.exe	Offline	GuLoader	ps66uk
2021-10-13 09:07:04	http://107.172.13.131/090900/vbc.exe	Offline	exe Formbook opendir	abuse_ch
2021-10-11 09:09:04	http://107.172.13.131/09090/vbc.exe	Offline	exe Formbook opendir	abuse_ch
2021-10-06 08:40:05	http://107.172.13.131/0789/vbc.exe	Offline	exe Formbook GuLoader opendir	abuse_ch
2021-10-06 08:31:05	http://107.172.13.131/007/vbc.exe	Offline	Formbook GuLoader	ps66uk

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2021-10-27 12:05:05	6449b0b19510e8c167d7bbc8a8471f81deadda1730c5889147589db21f30cd76	exe	Neshta
2021-10-27 07:58:48	6449b0b19510e8c167d7bbc8a8471f81deadda1730c5889147589db21f30cd76	exe	Neshta
2021-10-26 12:59:04	f8b6860b5f79411ce377df615b3e72745e773c9e89347fdf00adea4f8200e51d	exe	Formbook
2021-10-21 09:31:45	671ae257a2fa478c737c173e0073b81a009458865c16549078328be69e07996b	exe	RemcosRAT
2021-10-21 09:29:59	62af6d80ae19c6beb856b49527eb3bb0d594e7f33c7cb927c7c58f72b9523ea6	exe	Formbook
2021-10-21 08:43:04	554ca6988547c5d01246afea0c1004c987219489eab95274c7366d94cbf0ecf9	exe
2021-10-21 08:43:04	c1ef994f31b0d0aae59985db47f85394ae12e0689385cf4a18cc0a4b8c2d8fee	exe	GuLoader
2021-10-18 11:28:03	466f914dcfe4bd5ca22f2748ccc4effeb03378c7cf7f9a089de910311176e1bb	exe	RemcosRAT
2021-10-18 09:21:04	ed77b015d1ca486b1820727ec913ee0c42b3f622dae4ab25c9605f34ea13ba47	exe	GuLoader
2021-10-14 11:07:04	f16b2f7518ccea4c029f26bb8374e8f5f7be16ca76a68f8e449eba2bf02bf2b6	exe	GuLoader
2021-10-14 11:06:05	773873a915db516ec70cc2ef28da691539af10d2aede89835f3f776f9c9afa04	exe	GuLoader
2021-10-14 09:48:03	4df45d5c109f75ab624bef07b6d0ecc5f7c7fd2527efdd2af3b18e0c5d8b32ee	exe	GuLoader
2021-10-14 09:13:04	4a27f9816dec1c18870712cde14590b8cd84e6fa5a92dc7488f8522b9f5c7911	exe	GuLoader
2021-10-13 09:07:04	740a2bc7e9c8eeed76ef0f812c6c89af35c414317d76ac5b50b28ca0728d103b	exe	Formbook
2021-10-13 08:32:45	0339d69ae0d157ff115b3ab4143b2f7852db33d851aa8ba6701352a03a8d398f	exe
2021-10-12 11:24:59	612a346d3e2412113c53343b67419bc7a13bcf1bfe890137b68b3b5553a20096	exe	Formbook
2021-10-12 06:51:21	d4d741eed6175c2c27cad4ef53d1413c9722b37411e82f30334a611bcbe856b2	exe	Formbook
2021-10-11 09:09:04	b4fc77c70794670f21a4c4fbc3b608589cef7b9d98acadf9b0a956404f6ca0be	exe	Formbook
2021-10-08 01:40:44	e3688d8caa70a496aa55ed70190c2d7fd53487b21f286d14ea6849d78cd375a8	exe	Formbook
2021-10-07 18:24:31	e3688d8caa70a496aa55ed70190c2d7fd53487b21f286d14ea6849d78cd375a8	exe	Formbook
2021-10-06 08:40:05	7b94b072eaf480154e3add0b742144834350184c526edac1a635621132b70cb3	exe	GuLoader
2021-10-06 08:31:04	7b94b072eaf480154e3add0b742144834350184c526edac1a635621132b70cb3	exe	GuLoader