URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | 172.245.208.4 |
|---|---|
| Firstseen: | 2023-12-12 12:57:04 UTC |
| Total malware sites : | 8 |
| Online malware sites : | 0 (0%) |
| Offline Malware sites : | 8 (100%) |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2023-12-12 12:57:08 | 172.245.208.4 | 172-245-208-4-host.colocrossing.com | Not listed | AS36352 AS-COLOCROSSING |  US | yes |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2023-12-19 07:28:06 | http://172.245.208.4/2546/wlanext.exe | Offline | exe GuLoader  |  abuse_ch |
| 2023-12-19 07:28:05 | http://172.245.208.4/wg/Microsoftdigitalwallett... | Offline | doc GuLoader opendir | abuse_ch |
| 2023-12-18 06:50:09 | http://172.245.208.4/mj/upgradedtechnologyforde... | Offline | doc GuLoader opendir | abuse_ch |
| 2023-12-18 06:50:09 | http://172.245.208.4/2341/wlanext.exe | Offline | exe GuLoader | abuse_ch |
| 2023-12-15 19:32:07 | http://172.245.208.4/3456/wlanext.exe | Offline | exe GuLoader opendir | abuse_ch |
| 2023-12-15 19:32:06 | http://172.245.208.4/huj/microsoftdecidedtodele... | Offline | doc opendir | abuse_ch |
| 2023-12-13 12:51:08 | http://172.245.208.4/2116/wlanext.exe | Offline | AgentTesla exe GuLoader opendir | abuse_ch |
| 2023-12-12 12:57:08 | http://172.245.208.4/wfe/microsoftdecidedtoupda... | Offline | Anonymous |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2023-12-21 07:51:32 | a1b72731ababb98a1ef377943d1995a6cb5860585d8e3573db27c095aa28c04a | exe | GuLoader | |
| 2023-12-21 01:04:35 | 1c6e09987689fa3898f6470aef7d67f8d4c77b15d9b752b6dc203f44ab2098ff | exe | ||
| 2023-12-19 07:28:06 | 7b69d0fb7c60cf96272495a946d4311420aa406c477d6c85a002f487bd67531d | exe | GuLoader | |
| 2023-12-19 07:28:05 | 2f19c4dce04070a4dc3f3593b0769c5146aefac5ba3b428792e8b39608d66272 | unknown | ||
| 2023-12-18 06:50:09 | 852e4f9df2bd522c53069b61b5899391d4f518638a1cedec8b0a1e546b3f1a96 | unknown | ||
| 2023-12-18 06:50:09 | 87e405387c248bed68d5c074a9308afa5b837ccbbbb9310d03c3207ee6914fbd | exe | ||
| 2023-12-15 19:32:07 | d0162a86e38114d2aeb0530bfca4d939cd4d15e5cc35d50cb64c20123f0f3204 | exe | GuLoader | |
| 2023-12-15 19:32:06 | eeec64bf8980d1bfe1a584ce994b4676acd411f835ed20a5b71528f801961a0c | unknown | ||
| 2023-12-13 12:51:08 | e028ec06b305b12ae0084a95ff95118dfc97c1870337742446d6981951119c16 | exe | GuLoader | |
| 2023-12-12 12:57:06 | 300f0a2bc495ec461fb3be211465b982cd7336f3b2d98a6e7c08394c38090a5b | unknown |