URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: 172.245.155.116
Firstseen:2026-01-30 09:40:05 UTC
Total malware sites :2
Online malware sites :1 (50%)
Offline Malware sites :1 (50%)
Newest active malware site :2026-01-30 09:40:09 UTC
Oldest active malware site :2026-01-30 09:40:09 UTC (Age: 23 days, 20 hours, 33 minutes)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2026-01-30 09:40:09 172.245.155.116172-245-155-116-host.colocrossing.comNot listedAS36352 AS-COLOCROSSING- USyes

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2026-02-16 08:49:05http://172.245.155.116/16/sdf989f9g89fd9sg8g34j...Offline abuse_ch
2026-01-30 09:40:09http://172.245.155.116/img/optimized_MSI.pngOnlinemsi-stego stego JAMESWT_WT

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2026-02-16 00:50:35656991f4dabe0e5d989be730dac86a2cf294b6b538b08d7db7a0a72f0c6c484bunknown  
2026-02-09 00:47:4863429c406e72a033455a6dced8e1b3e644297703fd88da8827600db7dc1c5fc4unknown  
2026-02-04 00:12:132b65163cb782092d7018e39b9e4a6d2d56b6f934fd03e4995c9d86bb316e01d1unknown  
2026-02-01 18:15:183ccd84c6fad4189bd2b127e6eddbb6a8b7a0dcf8dd5cca203003983d34cbf81cunknown  
2026-01-30 09:40:093f4c3c16f63fb90d1fd64b031d8a9803035f3cb18332e198850896881fb42fe5unknown