URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	107.172.73.140
Firstseen:	2022-03-15 14:40:03 UTC
Total malware sites :	12
Online malware sites :	0 (0%)
Offline Malware sites :	12 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2022-03-15 14:40:06	107.172.73.140	107-172-73-140-host.colocrossing.com	Not listed	AS36352 AS-COLOCROSSING	US	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-07-12 15:48:04	http://107.172.73.140/700/vbc.exe	Offline	Loki lokibot	ps66uk
2022-04-12 15:09:04	http://107.172.73.140/bbm/gmg.exe	Offline	AgentTesla exe opendir	abuse_ch
2022-04-11 17:46:04	http://107.172.73.140/gee/man.exe	Offline	AgentTesla exe opendir	abuse_ch
2022-04-08 09:22:04	http://107.172.73.140/mum/guy.exe	Offline	AgentTesla exe opendir	abuse_ch
2022-04-06 15:34:04	http://107.172.73.140/aba/gun.exe	Offline	AgentTesla exe opendir	abuse_ch
2022-04-06 15:34:04	http://107.172.73.140/imo/don.exe	Offline	AgentTesla exe opendir	abuse_ch
2022-04-01 13:57:04	http://107.172.73.140/tog/alu.exe	Offline	AgentTesla exe opendir	abuse_ch
2022-03-31 08:59:04	http://107.172.73.140/iri/waw.exe	Offline	exe Formbook opendir	abuse_ch
2022-03-22 18:24:05	http://107.172.73.140/qmq/jkj.exe	Offline	exe Formbook opendir	abuse_ch
2022-03-22 18:24:05	http://107.172.73.140/tot/dmd.exe	Offline	exe Formbook opendir	abuse_ch
2022-03-21 09:15:05	http://107.172.73.140/hmh/bob.exe	Offline	exe Formbook opendir	abuse_ch
2022-03-15 14:40:06	http://107.172.73.140/acc/man.exe	Offline	exe Formbook opendir	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2022-07-13 02:46:04	23da9c9cb69beaa4ef047739cda8f315a396fcda1155272b1a2f4614c5e77bc0	exe	Loki
2022-07-12 15:48:04	3108a141b8199249069f2bbf1570a719a168d4460d4997aba1eadc4e06f060fa	exe	Loki
2022-04-13 02:36:14	3000e985c0242ce67c2848597c21788af22c353da3a13a1f3cbc261d857504ca	exe	AgentTesla
2022-04-12 20:30:35	d55001b5ff0b9126c16a7fc8f20c72c56eb1a2a9d9f1e9867481c1f9f85feb2e	exe	AgentTesla
2022-04-12 15:09:04	f9a3872603bab9d16727daf3e24705ff94100d4bf2838679b5e9288aa02bd32a	exe	AgentTesla
2022-04-11 17:46:04	f66df3806ed429acb7329a8a10fa3f86dcbda02376e4714990cefd6564a94678	exe	AgentTesla
2022-04-08 09:22:04	6d8fe8e4b99da6d816d7335bd1ace36db4706fda0e1e46dceb5657ca1a57d81c	exe	AgentTesla
2022-04-06 15:34:04	7e840527c08cc44418a9d45ce4311b201cf5e15f85efb806ca81edd7d5c29fd8	exe	AgentTesla
2022-04-06 15:34:04	fb37efb44fe9befa68076e623e3f2ba4d1f4f13c65892ce04227be3857b77f04	exe	AgentTesla
2022-04-01 13:57:04	7817d24ac9fa9ebe89664fd87eaf065f6e71a977bfe14154924c98a596ae6e74	exe	AgentTesla
2022-03-31 08:59:04	345a777b503e381bf28a664c28a9945255c93a2ee597b3da5bea25b81e3d70b7	exe	Formbook
2022-03-23 10:18:19	1adbcbe596643451133f94a5976e52a5e8f608682124477f47141996eb5a98d7	exe
2022-03-22 18:24:05	a859b5915c6f8b44328717583e36f7ae1020f1cbdd35e93e17e232370865e3dd	exe	Formbook
2022-03-22 18:24:04	dd39f14948021a7f17de30d38f334142b9f7c26c2fffb174f689bccddce94b29	exe	Formbook
2022-03-21 09:15:05	ca77df966e202e0eab6d3c2280f95fb59aee28b5e9e540be3dca1d66c46bf2af	exe	Formbook
2022-03-15 14:40:05	19d34ef30d521849caa19f1cf2adc2f4c8097483cfb436ff6066ad60387b630f	exe	Formbook