URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry


Host: 172.245.214.91
Firstseen: 2024-02-07 07:39:05 UTC
Total malware sites: 28
Online malware sites: 0 (0%)
Offline malware sites: 28 (100%)

IP addresses


The table below shows all IP addresses observed for this particular host (in case the host is a domain name, all A records will be listed, including all historical ones). Please note that the output is limited to 10 entries.

| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2024-02-07 07:39:11 | 172.245.214.91 | 172-245-214-91-host.colocrossing.com | Not listed | AS36352 AS-COLOCROSSING | US | yes |

Malware URLs


The table below shows all malware URLs that are associated with this particular host.

| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2024-02-23 16:45:13 | http://172.245.214.91/dridsiscopfilebase64.txt | Offline | AgentTesla ext | abuse_ch |
| 2024-02-23 16:37:09 | http://172.245.214.91/mylovetoindustrytopofthel... | Offline | AgentTesla ext doc | abuse_ch |
| 2024-02-23 16:37:09 | http://172.245.214.91/fridaexploit1.vbs | Offline | AgentTesla ext vbs | abuse_ch |
| 2024-02-21 13:35:08 | http://172.245.214.91/afternooniwalkupfromtheun... | Offline | AgentTesla ext doc | abuse_ch |
| 2024-02-21 13:35:08 | http://172.245.214.91/tuesdayfileafternoon.vbs | Offline | AgentTesla ext vbs | abuse_ch |
| 2024-02-20 20:52:06 | http://172.245.214.91/tusdaymrngiwalkupfromtheu... | Offline | dropper | James_inthe_box |
| 2024-02-20 20:52:06 | http://172.245.214.91/tuesdayfilemorning.vbs | Offline | dropper | James_inthe_box |
| 2024-02-20 15:53:08 | http://172.245.214.91/invvvvreCryptersAndTools.vbs | Offline | AgentTesla ext vbs | abuse_ch |
| 2024-02-16 12:29:08 | http://172.245.214.91/invbase64.txt | Offline | AgentTesla ext ascii Encoded | abuse_ch |
| 2024-02-16 12:28:06 | http://172.245.214.91/ijnnnnnvCryptersAndTools.vbs | Offline | vbs | abuse_ch |
| 2024-02-16 12:20:10 | http://172.245.214.91/Pdcitui.mp3 | Offline | | abuse_ch |
| 2024-02-16 12:20:10 | http://172.245.214.91/dromicrotechnologytodevel... | Offline | | abuse_ch |
| 2024-02-16 12:20:06 | http://172.245.214.91/Mhycevvreol.mp4 | Offline | | abuse_ch |
| 2024-02-16 12:20:06 | http://172.245.214.91/wsfmicrosoftdesignballonp... | Offline | | abuse_ch |
| 2024-02-16 12:20:06 | http://172.245.214.91/Xrvumyp.pdf | Offline | | abuse_ch |
| 2024-02-16 12:20:06 | http://172.245.214.91/Oqqpo.wav | Offline | | abuse_ch |
| 2024-02-13 13:58:07 | http://172.245.214.91/vbsmicrosoftredesignbuddy... | Offline | AgentTesla ext doc | abuse_ch |
| 2024-02-13 13:58:06 | http://172.245.214.91/droidmonday.vbs | Offline | AgentTesla ext vbs | abuse_ch |
| 2024-02-13 07:47:04 | http://172.245.214.91/droidmonday.hta | Offline | hta | abuse_ch |
| 2024-02-13 07:46:06 | http://172.245.214.91/htamicrosoftredesignbuddy... | Offline | AgentTesla ext doc | abuse_ch |
| 2024-02-09 21:34:08 | http://172.245.214.91/base64droid.txt | Offline | AgentTesla ext OriginLogger | James_inthe_box |
| 2024-02-09 18:32:09 | http://172.245.214.91/54wedfreshairgetfrommicro... | Offline | AgentTesla ext doc | abuse_ch |
| 2024-02-09 18:32:09 | http://172.245.214.91/54wednewsmangero.vbs | Offline | AgentTesla ext vbs | abuse_ch |
| 2024-02-08 08:19:05 | http://172.245.214.91/comprobante%20de%20transf... | Offline | AgentTesla ext hta | abuse_ch |
| 2024-02-08 07:51:06 | http://172.245.214.91/wedfreshairgetfrommicrosf... | Offline | AgentTesla ext doc | abuse_ch |
| 2024-02-08 07:51:06 | http://172.245.214.91/wednewsmangero.vbs | Offline | AgentTesla ext vbs | abuse_ch |
| 2024-02-07 07:39:11 | http://172.245.214.91/mangero.vbs | Offline | AgentTesla ext vbs | abuse_ch |
| 2024-02-07 07:39:11 | http://172.245.214.91/vbsmicrosoftdesignballonp... | Offline | AgentTesla ext doc | abuse_ch |

The table below shows recent payloads delivered by this host.
