URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	107.173.219.80
Firstseen:	2021-03-26 14:13:03 UTC
Total malware sites :	17
Online malware sites :	0 (0%)
Offline Malware sites :	17 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2021-03-26 14:13:04	107.173.219.80	107-173-219-80-host.colocrossing.com	Not listed	AS36352 AS-COLOCROSSING	US	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2021-05-20 19:19:03	http://107.173.219.80/prof/vbc.exe	Offline		c_APT_ure
2021-05-11 13:25:05	http://107.173.219.80/ring32/svch.exe	Offline	MassLogger	James_inthe_box
2021-04-30 14:20:05	http://107.173.219.80/prf/regasm.exe	Offline	Loki	info_sec_ca
2021-04-30 14:20:04	http://107.173.219.80/prf/reg.dot	Offline		info_sec_ca
2021-04-30 14:20:04	http://107.173.219.80/prf/regasm.dot	Offline		info_sec_ca
2021-04-27 08:35:10	http://107.173.219.80/prf/reg.exe	Offline	Loki	Anonymous
2021-04-27 08:35:04	http://107.173.219.80/pr/vbc.exe	Offline		Anonymous
2021-04-21 19:13:05	http://107.173.219.80/pro/vbc.exe	Offline	Loki	info_sec_ca
2021-04-21 19:13:04	http://107.173.219.80/pro/svch.exe	Offline	Formbook	info_sec_ca
2021-04-21 19:13:03	http://107.173.219.80/pro/vbc.dot	Offline		info_sec_ca
2021-04-21 19:13:03	http://107.173.219.80/pro/svch.dot	Offline		info_sec_ca
2021-04-10 09:57:04	http://107.173.219.80/.---.-.-.-.-.-.----------...	Offline	RTF	zbetcheckin
2021-04-09 23:21:03	http://107.173.219.80/.---.-.-.-.-.-.----------...	Offline	RTF	zbetcheckin
2021-04-09 13:15:04	http://107.173.219.80/sheng%20exe/vbc.exe	Offline	AgentTesla exe Loki opendir	abuse_ch
2021-04-09 13:15:04	http://107.173.219.80/sheng%20exe/svch.exe	Offline	exe Loki opendir	abuse_ch
2021-03-28 01:18:04	http://107.173.219.80/-...........................	Offline	Loki RTF	zbetcheckin
2021-03-26 14:13:04	http://107.173.219.80/general%20exe/vbc.exe	Offline	exe Loki opendir	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2021-05-11 13:25:05	4b21973994a4c674d4dd888226ffdfc50704bf10bdf6503c6c4a1c31ad95bfa2	exe	MassLogger
2021-05-06 01:59:17	4c0ccfe62aeeec1a02cba19d60f23739c1e368669c47db06f62d5e18ead50373	exe	Loki
2021-05-05 13:24:29	1f15f5df64176de149af116d6fe5e21e29d9c3808b3a128eab8119af97655eb3	exe	Loki
2021-05-05 13:22:25	1f15f5df64176de149af116d6fe5e21e29d9c3808b3a128eab8119af97655eb3	exe	Loki
2021-05-05 04:20:23	eedad563ca721ad5a3b2bc8fcb680edaba6194e0a0469d7c5ab3d12ca4a346a9	exe	Loki
2021-05-05 01:14:11	2b2b2ac6347e5365f70526f097eb6935cacae09a2a8d9c1a2ae68d05f80e3a46	exe	Loki
2021-05-03 09:44:19	2833ffeca48c46759cb0d4c984e81a9b69614c368bf0052600786e55fd534d67	exe	Loki
2021-05-03 07:36:44	ed5b35389cdc15f792ffef0bac637b0758a566d59945429d6e7e56965bd26b31	exe	Loki
2021-05-03 03:35:10	d40ba6722ae1f278d8c73552c4b18c50808264ead08a491002de7519e984e60d	exe	Loki
2021-05-03 00:55:56	63020b39b5227a6d191e3f59639181c46aa915b28ef97fc45a8b8e1a6a239999	exe	Loki
2021-05-02 17:13:17	f2d2638afb528c7476c9ee8e83ddb20e686b0b05f53f2f966fd9eb962427f8aa	exe
2021-04-30 20:18:57	9c16ff774c07f42da7d160a884816f162e60b1417130c787d4a8925492b84830	exe	Loki
2021-04-30 14:20:05	f6f0f52e46d65f4aa194f425fcd001dc59dfd63fc428561efb16ea72f93e4269	exe	Loki
2021-04-30 14:20:04	2f6bb2ff304aa3cb02d307dfcbfc525e02468a83ff371ab1efb9202095f341d3	unknown
2021-04-30 14:20:04	2e6c82000ecfdf70439ed68aa4b0aecb0033fd612037148d8347ebee6a3e7759	unknown
2021-04-30 12:00:09	51d2bd93ffe8e6856d5c99512b2eb5ed1aa8e1ea871f8c59512080a0329fcf7e	exe	Loki
2021-04-30 07:42:15	817c644950551a54eb50dfa3ea09b09b0fdab98a67cacf7be33fff76b05e4e11	exe	Loki
2021-04-30 03:40:10	669488b330934b1f361b054f1f72a38db493a8696b20bf1fcdcadc5803d59728	exe	Loki
2021-04-30 01:47:23	bb766b700dfffa1e0189a7107e56ee7e397d3b0f27824a8005c26af405370a34	exe	Loki
2021-04-29 03:50:46	25b6f68e2bf505cfde67c533f5d12e869b30efe831fa82fd91c2c29f59fc77ac	exe	Loki
2021-04-28 22:20:59	1a5e23dc5d964f8bc4d789e6dd94705aeda8add9006a834cbbee29df6b56cc8b	exe	Loki
2021-04-28 13:32:41	f2d2638afb528c7476c9ee8e83ddb20e686b0b05f53f2f966fd9eb962427f8aa	exe
2021-04-27 08:35:10	d12917a6144995d3a0f32aacb54ec7f38783ee87b59cdd9127e4ba78d3f428fb	exe	Loki
2021-04-24 01:56:09	3339e4fa851eed2d80ccf1fb8fb633a90a8b9f0891b0904e00b3e6ac43f7cd93	unknown
2021-04-22 05:45:07	836996208f9878b763f9c79ef559337c0fd394f034db50eec02b9ba1f281b72d	exe	Formbook
2021-04-22 05:31:35	4737b27bca728371f926c46621a70a908ab054e7981dc2aeb8849e8e169fc947	exe	Loki
2021-04-21 19:13:05	57d6ee60faf10320d9fd37d58aeec59e6735366afece642579ab6d9743c1731b	exe	Loki
2021-04-21 19:13:04	08a758993c43a321076d8bbc7d9352f1affee8ae44db80c1cf2ced2e6f2cfed2	exe	Formbook
2021-04-21 19:13:03	452f6e367543a8889f32ca7057c65adcedffeb6c1e94bd216d9f8ab1c077c4c5	unknown
2021-04-21 19:13:03	ff23451671f17a91f859182de5787439f2fb4ee3e33de8aba58bf7ce0ab786a8	unknown
2021-04-20 03:19:59	756cc5cb41efb5e4e46f92db955bc7df21a9934b54b763d2b1c8ad86b26c6599	exe	Loki
2021-04-15 22:45:45	0845d40154d331ca63220f0414c42f86888bec8eb7b23af8b589e8e5a72afd9a	exe	Loki
2021-04-12 23:41:50	fd578808fbbd44d564598d6c46f512b9511531402f720afc67bcbf6d4d42f59a	exe	Loki
2021-04-12 23:38:43	9f90b7b10a4c06bd9e436e592ff09e578a464baeb35223484e91373529580c08	exe	Loki
2021-04-12 23:00:53	d5b84485647b5207f7f5dab1568f1b7ede5be09b16cfab955b57784f4b8e06d5	exe	Loki
2021-04-12 18:06:06	f2d2638afb528c7476c9ee8e83ddb20e686b0b05f53f2f966fd9eb962427f8aa	exe
2021-04-12 18:05:45	f2d2638afb528c7476c9ee8e83ddb20e686b0b05f53f2f966fd9eb962427f8aa	exe
2021-04-10 09:57:04	5136e25d14a490767eedb555649937acaac871cf5df5744992d4cf35b1b03852	rtf
2021-04-09 23:21:03	8e107b7cc6913c49b057fce4573694813028ed01cf47fa54b277c1ce50ac4216	rtf
2021-04-09 13:15:04	28ff20fae19ae13e88927439e029938f17e0a90fc1311d5e3832f8e98ac47282	exe	AgentTesla
2021-04-09 13:15:04	671d78fc9cd97baa9a4fd89f6177ef6972640d9b101b24af51d93c87e800919d	exe	Loki
2021-04-08 07:21:06	f2d2638afb528c7476c9ee8e83ddb20e686b0b05f53f2f966fd9eb962427f8aa	exe
2021-03-29 17:40:23	8e15f76149baa634caba6bcb021a5793f9b86c6290247d62a3f9628e5e147c7f	exe	Loki
2021-03-28 01:18:04	8a73fd0694a71dc6e9713eb84dd4c216a9eadc2540bb86866eb4c3b66a7d92c7	rtf	Loki
2021-03-26 14:13:04	797969a5d6d6a5209d8df52e0feb301c54059c6806c6cde85057704cf177e13d	exe	Loki