URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: 172.245.27.21
Firstseen:2022-01-24 18:25:03 UTC
Total malware sites :8
Online malware sites :0 (0%)
Offline Malware sites :8 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2022-01-24 18:25:05 172.245.27.21172-245-27-21-host.colocrossing.comNot listedAS36352 AS-COLOCROSSING- USyes

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2022-02-10 19:20:05http://172.245.27.21/razi.exeOfflineAgentTesla ext exe abuse_ch
2022-02-08 16:58:05http://172.245.27.21/white.exeOfflineAgentTesla ext exe abuse_ch
2022-02-01 18:14:04http://172.245.27.21/gody.exeOfflineAgentTesla ext exe abuse_ch
2022-01-31 12:25:05http://172.245.27.21/yk/white.exeOfflineAgentTesla ext exe opendir abuse_ch
2022-01-31 04:47:28http://172.245.27.21/soll.exeOfflineAgentTesla ext exe abuse_ch
2022-01-26 14:50:06http://172.245.27.21/rat.exeOfflineAgentTesla ext exe abuse_ch
2022-01-25 10:05:34http://172.245.27.21/yk/god.exeOfflineAgentTesal AgentTesla ext exe opendir abuse_ch
2022-01-24 18:25:05http://172.245.27.21/you.exeOfflineAgentTesla ext exe abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2022-02-11 06:28:2377e8143dc61d078d33e2883b03c136af2e851388b9a80239fb2c89444febba87exeAgentTesla
2022-02-10 19:20:05e67d79e0fc80b23b2a83a6a5b8e1e2c78b47a86c005ea955576d46aa5eda03e7exeAgentTesla
2022-02-08 16:58:05035951dbe580e588b7d518a26978c8034f6ab24a5560389d0ee88f7a3fbadcbfexeAgentTesla
2022-02-01 18:14:04bf8200d9a7ed753d6072300397abc134560a0c5269aa658eddf12c3e916aa2c3exeAgentTesla
2022-02-01 05:43:1004ff9019101ea8327cfe716f62c55620e18f4de3ec1aa1e0b83dce1673319bf0exeAgentTesla
2022-01-31 12:25:05fa9936bc9d61abac0738c786392b541e4f7180d4e92a608064c15e1fbc0e0a32exeAgentTesla
2022-01-31 06:45:54bdb5835d8e3381ffea81482e3049d96b00dc799928397d605924883d95f80b4dexeAgentTesla
2022-01-31 04:47:278f9a34a821f52b05d7ec60c32575e79faedea1dd0f30fd6537fc7928e47bd107exeAgentTesla
2022-01-31 04:47:278f9a34a821f52b05d7ec60c32575e79faedea1dd0f30fd6537fc7928e47bd107exeAgentTesla
2022-01-26 14:50:06d305171445d0c971faca105478d79ad175db35cbec25a47abc5ac27ecd05ea71exeAgentTesla
2022-01-26 08:13:1322f1a8db06ec3fb0cde19c7d7874600147655edc56921ec5a339ce2b1b5afb1eexeAgentTesla
2022-01-25 19:33:459df641197f6ce43f025eaf8b2f9505cb7748ceeee9d57d2b9795f67640966f1eexeAgentTesla
2022-01-25 12:08:321825b0aa486178b4a14e4dc3e8ce3f04180ada7aafcfb375e959ac0c1cc66fd1exeAgentTesla
2022-01-25 11:44:441825b0aa486178b4a14e4dc3e8ce3f04180ada7aafcfb375e959ac0c1cc66fd1exeAgentTesla
2022-01-25 10:29:1023c38809e80f5f176d8f44eb232184ba707e03f28ef0680d5cec943cb93966f8exeAgentTesla
2022-01-25 06:29:4723c38809e80f5f176d8f44eb232184ba707e03f28ef0680d5cec943cb93966f8exeAgentTesla
2022-01-25 00:31:23a6bc8141d94e9cce73fa5227db528b93402cbb9609c509e41b9ddc1008fe5663exe  
2022-01-24 18:25:049edfb1d8c25f17d4b5c94398f3eff45d7e8d7d33c94e60c3f358ffdc4fa92627exeAgentTesla