URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry


Host: 107.172.73.137
Firstseen: 2022-05-10 11:21:03 UTC
Total malware sites: 7
Online malware sites: 0 (0%)
Offline malware sites: 7 (100%)

IP addresses


The table below shows all IP addresses observed for this particular host (in case the host is a domain name, all A records will be listed, including all historical ones). Please note that the output is limited to 10 entries.

| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2022-05-10 11:21:07 | 107.172.73.137 | 107-172-73-137-host.colocrossing.com | Not listed | AS36352 AS-COLOCROSSING | US | yes |

Malware URLs


The table below shows all malware URLs that are associated with this particular host.

| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2022-07-16 07:35:05 | http://107.172.73.137/9281/vbc.exe | Offline | exe, opendir | abuse_ch |
| 2022-07-07 15:25:14 | http://107.172.73.137/abc/loader5.exe | Offline | Loki | Anonymous |
| 2022-07-07 15:25:14 | http://107.172.73.137/abc/loader1.exe | Offline | Loki | Anonymous |
| 2022-06-27 08:38:05 | http://107.172.73.137/xyz/loader1.exe | Offline | exe, Loki, opendir | Anonymous |
| 2022-06-27 08:38:05 | http://107.172.73.137/xyz/loader5.exe | Offline | exe, Loki, opendir | abuse_ch |
| 2022-05-10 12:55:04 | http://107.172.73.137/dd/loader2.exe | Offline | 32, exe, Formbook, Loki, RedLineStealer | zbetcheckin |
| 2022-05-10 11:21:07 | http://107.172.73.137/dd/loader4.exe | Offline | exe, Loki, opendir | abuse_ch |

The table below shows recent payloads delivered by this host.
