URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	13.114.247.134
Firstseen:	2021-04-09 12:51:02 UTC
Total malware sites :	2
Online malware sites :	0 (0%)
Offline Malware sites :	2 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2021-04-09 12:51:05	13.114.247.134	ec2-13-114-247-134.ap-northeast-1.compute.amazonaws.com	Not listed	AS16509 AMAZON-02	JP	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2021-04-09 12:51:06	http://13.114.247.134/winhace/orgd.exe	Offline	AgentTesla exe opendir	abuse_ch
2021-04-09 12:51:05	http://13.114.247.134/winhace/xlsf.exe	Offline	exe Formbook opendir	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2021-04-11 18:01:22	dd987f07d4e8f3d29758757aea5ff5fee6fca9927d79e18f429b513e42491a09	exe	Formbook
2021-04-11 17:54:40	36c5c91ad9faeed3bbd7bf576aca9d4a5c040d802a521584cd094776e61320ca	exe	AgentTesla
2021-04-10 20:17:43	b9a1fe9efdf30fcb9880c9c06f7454179e57556e000ab5bca198bccca5623704	exe	Formbook
2021-04-10 20:17:24	9f693db7614129ee50af1b6765fe78ae1d319e6aa19f3e675a79c72df0520ad1	exe	AgentTesla
2021-04-10 06:02:27	0a0485ca368abcbc3c147cdf10b1e649d1645860de2199f890591f99171f5ce0	exe	Formbook
2021-04-10 05:59:10	6dc8a34aece4d4250886f68c18a406e216a82886e2e34d8d8c6983bb9989591d	exe	AgentTesla
2021-04-09 12:51:06	418a675c64aac0ba99641f5a7fcd5fa14af962e19626c4f5921c5fbad870c93c	exe	AgentTesla
2021-04-09 12:51:05	038be70d00970bdeed90434c6f0281c9bb765909ce3c88c20e98c98e3b567d5d	exe	Formbook