URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | 13.213.35.249 |
|---|---|
| Firstseen: | 2021-08-18 07:28:02 UTC |
| Total malware sites : | 8 |
| Online malware sites : | 0 (0%) |
| Offline Malware sites : | 8 (100%) |
IP addresses
The table below shows all IP addresses observed for this particular host (in case the host is a domain name, all A records will be listed, including all historical ones). Please note that the output is limited to 10 entries.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2021-08-18 07:28:05 | 13.213.35.249 | ec2-13-213-35-249.ap-southeast-1.compute.amazonaws.com | Not listed | AS16509 AMAZON-02 | SG | yes |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2021-08-18 07:43:08 | http://13.213.35.249/www/sap-5.exe | Offline | exe Formbook | |
| 2021-08-18 07:43:07 | http://13.213.35.249/www/sap-4.exe | Offline | exe opendir RedLineStealer | |
| 2021-08-18 07:43:07 | http://13.213.35.249/www/sap-3.exe | Offline | exe Formbook | |
| 2021-08-18 07:29:08 | http://13.213.35.249/www/sap-2.exe | Offline | exe Formbook | |
| 2021-08-18 07:29:07 | http://13.213.35.249/www/sap-055.exe | Offline | exe Formbook | |
| 2021-08-18 07:29:07 | http://13.213.35.249/www/sap-01.exe | Offline | exe Formbook | |
| 2021-08-18 07:29:07 | http://13.213.35.249/www/sap-0.exe | Offline | exe Formbook | |
| 2021-08-18 07:28:05 | http://13.213.35.249/www/sap.exe | Offline | exe Formbook | |
The table below shows recent payloads delivered by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2021-08-18 07:43:08 | 23f8ea6f79340ef82479018b1b9d98348d0f8c873db0142c4dc6b0da8152e394 | exe | Formbook | |
| 2021-08-18 07:43:07 | c96d019e7453e5101895e5fd28388e4483d13d7c7f17979024c27d3637cb8a8b | exe | Formbook | |
| 2021-08-18 07:43:06 | 447705277a38d4c1dad0862fb9730bcfbcd3a0f24a63327831572c74651c7b95 | exe | RedLineStealer | |
| 2021-08-18 07:29:08 | f3270afb61ba9b96ebb681a138a5ffb3b38d940e63006bbc70cd5e4f20f9300b | exe | Formbook | |
| 2021-08-18 07:29:07 | 8011f6905421ffe56380b453cfab0145621402b3db3b86108d4d609cacd1647a | exe | Formbook | |
| 2021-08-18 07:29:07 | dc1c5ccb8d61106eac3205901e328a044d429c32c68b7b1c45def63ae29f1b45 | exe | Formbook | |
| 2021-08-18 07:29:07 | 8d27c368e6431f796a96389ac517d654ca3de20a6b9047095a47691532c7cf11 | exe | Formbook | |
| 2021-08-18 07:28:05 | 61b0520ff97d02ed6ede17c12be0d96d37bac631502cc8b03a82af4726c81fdf | exe | Formbook | |