URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	172.245.45.28
Firstseen:	2021-04-14 07:22:03 UTC
Total malware sites :	13
Online malware sites :	0 (0%)
Offline Malware sites :	13 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2021-04-14 07:22:04	172.245.45.28	172-245-45-28-host.colocrossing.com	Not listed	AS36352 AS-COLOCROSSING	US	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2021-04-29 13:59:06	http://172.245.45.28/dashboard/docs/images/kn.exe	Offline	exe NanoCore opendir	abuse_ch
2021-04-29 13:59:06	http://172.245.45.28/dashboard/docs/images/file...	Offline	NanoCore opendir xlsx	abuse_ch
2021-04-29 13:59:04	http://172.245.45.28/dashboard/docs/images/bin.exe	Offline	exe Formbook opendir	abuse_ch
2021-04-29 13:58:06	http://172.245.45.28/dashboard/docs/images/nd.exe	Offline	exe NanoCore opendir rat	abuse_ch
2021-04-27 08:50:06	http://172.245.45.28/img/america/white/nd%20-%2...	Offline	exe NanoCore	abuse_ch
2021-04-26 05:33:06	http://172.245.45.28/img/america/white/againn.exe	Offline	exe NanoCore opendir	abuse_ch
2021-04-23 11:06:06	http://172.245.45.28/img/america/white/nd.exe	Offline	exe NanoCore opendir	Cryptolaemus1
2021-04-20 11:17:07	http://172.245.45.28/img/covid19/covid.exe	Offline	exe NanoCore opendir	abuse_ch
2021-04-20 11:16:06	http://172.245.45.28/img/covid19/drug.exe	Offline	exe NanoCore opendir rat	abuse_ch
2021-04-14 07:22:09	http://172.245.45.28/torotoro/nd.exe	Offline	AgentTesla exe Loki NanoCore	fr0s7_
2021-04-14 07:22:05	http://172.245.45.28/torotoro/kn.exe	Offline	exe	fr0s7_
2021-04-14 07:22:04	http://172.245.45.28/torotoro/nd.dot	Offline	AgentTesla Loki NanoCore	fr0s7_
2021-04-14 07:22:04	http://172.245.45.28/torotoro/kn.dot	Offline	exe Formbook	fr0s7_

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2021-05-10 14:09:12	08d9411339dad2fe13ff3f4214d8a8d4a54dd3c9cfc9722c9c57d057826efcff	exe	NanoCore
2021-05-10 14:04:03	08d9411339dad2fe13ff3f4214d8a8d4a54dd3c9cfc9722c9c57d057826efcff	exe	NanoCore
2021-05-10 02:46:33	ceea9c47644de7de819c08704e4ddd4a122ffe22691dcc48ee479614170406ac	exe	NanoCore
2021-05-09 23:15:22	39ea098dc37c12477cdfde92cb07cf2840d907c262c582a2320ade782e01bbcf	exe	NanoCore
2021-05-09 22:09:59	30f55e6b4f6320b18c0f57328be0a9b6b527a20be5bdb9ba8190029cee41783b	exe	NanoCore
2021-05-09 22:02:21	30f55e6b4f6320b18c0f57328be0a9b6b527a20be5bdb9ba8190029cee41783b	exe	NanoCore
2021-05-06 08:54:39	8f94fe68e4decbed1a460bbb09116e1f41fc6987bce37ebb6fd09230d3f89d61	exe	NanoCore
2021-05-06 08:53:11	8f94fe68e4decbed1a460bbb09116e1f41fc6987bce37ebb6fd09230d3f89d61	exe	NanoCore
2021-05-06 05:12:05	5c53bb5c2d8a2d54637df1f9076b4647518a9609a80ad3b4c1bacde15c154e5e	exe	NanoCore
2021-05-06 05:09:52	5c53bb5c2d8a2d54637df1f9076b4647518a9609a80ad3b4c1bacde15c154e5e	exe	NanoCore
2021-05-05 13:54:25	fb76211a9ecc92a59ae103505d5c126e8106907814b0bb8ed6e0580f2aca98fe	exe	NanoCore
2021-05-05 13:47:25	fb76211a9ecc92a59ae103505d5c126e8106907814b0bb8ed6e0580f2aca98fe	exe	NanoCore
2021-05-05 13:06:47	ca7b06be1bfcfd7689710a2b92d80d16fcd00cc3a0f16d353dfd50c4252f0b76	exe	NanoCore
2021-05-05 12:57:28	ca7b06be1bfcfd7689710a2b92d80d16fcd00cc3a0f16d353dfd50c4252f0b76	exe	NanoCore
2021-05-05 07:27:20	f49ae8e59f9a7a9b39534eb42a7b5e5ded93ad8e59d5c9ae88fe2c69c2149ba2	exe	NanoCore
2021-05-05 07:26:11	f49ae8e59f9a7a9b39534eb42a7b5e5ded93ad8e59d5c9ae88fe2c69c2149ba2	exe	NanoCore
2021-05-04 23:44:05	704c8cbba29816992cf47c9d5ae71eb251814e4df4ee3e55ea77cd48644f3dbe	exe	NanoCore
2021-05-04 23:36:38	704c8cbba29816992cf47c9d5ae71eb251814e4df4ee3e55ea77cd48644f3dbe	exe	NanoCore
2021-05-04 08:36:44	6902a2d27d435231224ae6f94b310600501d039190d1a4908653681bcf136095	exe
2021-05-04 08:31:06	6902a2d27d435231224ae6f94b310600501d039190d1a4908653681bcf136095	exe
2021-05-03 12:43:47	5b6d4e4e80dd9a93f40ecfc45c2874d0c504ecf3680858be3ed8e05381cf1188	exe	NanoCore
2021-05-03 07:49:44	3383218b916baf1a46989c4f253b29eb81e97ac763ab71615c81d85a18495f34	exe	NanoCore
2021-05-03 07:22:34	b55552391ee123f26e577b412c0df78bd0a59644ec510d1e7e708feff12a2abb	exe	NanoCore
2021-04-29 13:59:06	35d38e9cfd87be3c230b43c5f9e0173ea78d737e4367e97cffe8604241f82788	exe	NanoCore
2021-04-29 13:59:06	b0cb80b64bd6f09256ad8e940dde69bcf34ea9572c7c8bab6416c6f1f53cde2b	unknown	NanoCore
2021-04-29 13:59:04	3c94599cada17b9fae62316e54a1d69db7c475223721a5a57abe8774a2b5da74	exe	Formbook
2021-04-29 13:58:06	35d38e9cfd87be3c230b43c5f9e0173ea78d737e4367e97cffe8604241f82788	exe	NanoCore
2021-04-27 08:50:06	d09c4c2e8827461c13cdfcec9c8d4f335953b0b2db14274b372ff677721e7469	exe	NanoCore
2021-04-27 04:45:19	d09c4c2e8827461c13cdfcec9c8d4f335953b0b2db14274b372ff677721e7469	exe	NanoCore
2021-04-27 04:06:04	abeed8c3cb18f7ed714c41fdda15a311ca65fb0428fd98f81e61832129d97bfa	exe	NanoCore
2021-04-26 22:52:20	5994f4b5a1526faf78f1bd2b2524b602fe3c3fcf171efc84fa5cdb9cdc210fe9	exe	NanoCore
2021-04-26 09:12:46	197b5679fe9d91e96859d3a39834c0526fe4f808b4344b52715904ea1ce58a9f	exe	NanoCore
2021-04-26 05:33:06	e48629bdaa203994ac62bb4e4eec52e7b83afb30be4e512575a53994f169d627	exe	NanoCore
2021-04-26 03:15:50	9233271ebcb29e292083a4bf81600ceb3475c5a7b207068df66985b1821e6a48	exe	NanoCore
2021-04-25 22:24:54	644e866c23c45251ad297eaaf96a02704325cc16ac14b9561f67612023f414ec	exe	NanoCore
2021-04-25 10:13:22	ccb120f7f64f3f353b197c9e5fa829a6f69133164df8f0de1f25eae0faea5615	exe	NanoCore
2021-04-23 11:06:06	12281e8597eecb8f7247bf9e65408d5b599202e6ba89798a4f7a392bbfe1408e	exe	NanoCore
2021-04-23 10:13:34	12281e8597eecb8f7247bf9e65408d5b599202e6ba89798a4f7a392bbfe1408e	exe	NanoCore
2021-04-23 10:00:41	12281e8597eecb8f7247bf9e65408d5b599202e6ba89798a4f7a392bbfe1408e	exe	NanoCore
2021-04-22 06:02:16	60ea3bae77de9a72d976144ee268cde17dda353dcb981a104b0e2d741b3c803c	exe	NanoCore
2021-04-22 05:53:41	60ea3bae77de9a72d976144ee268cde17dda353dcb981a104b0e2d741b3c803c	exe	NanoCore
2021-04-21 13:44:11	7e07bde93d122c059f5b159267f273d05ff8ac8bec540f3ae3bc7c8cd32f1fc7	exe	NanoCore
2021-04-21 13:19:15	7e07bde93d122c059f5b159267f273d05ff8ac8bec540f3ae3bc7c8cd32f1fc7	exe	NanoCore
2021-04-20 11:17:07	d817b262e1a6608dbb37b9d071406c14b4e31d86cb38adbcfe8197399b0263aa	exe	NanoCore
2021-04-20 11:16:06	d817b262e1a6608dbb37b9d071406c14b4e31d86cb38adbcfe8197399b0263aa	exe	NanoCore
2021-04-20 03:42:55	d817b262e1a6608dbb37b9d071406c14b4e31d86cb38adbcfe8197399b0263aa	exe	NanoCore
2021-04-19 22:21:34	95add0dd216df27f24bf6ec50f28e2b3e57cb8f313d78c89dd10617facc102b1	exe	Loki
2021-04-19 22:20:41	9af05c1cb783bb50a2f280fd22bdc4a8b5160488afc7093a383e6e60cac4d90e	rtf	NanoCore
2021-04-19 22:12:04	70f35721eb13022a6ae320055bf74d8c3bf688d5cd04c3bea37f6c2e4886d1b3	rtf	Formbook
2021-04-18 22:39:15	ad1d775a43e9ea01c9c657198dca8400deb2772ff940bd5c6234d1b569281b98	exe	Loki
2021-04-16 01:14:22	4750b53054697c5ff9a8b607efb24934d65e3ef64f53f8dd2035e3077b4b5aa8	exe
2021-04-15 16:38:46	d2f99cc9154356e6611a695336854cebafdfe613f20f5cd828a25ee0289126e4	exe	Loki
2021-04-14 15:41:37	0f9f04e489253ab7650d5df07a1c706aeb1e7863fef84632fa04478f85869da6	exe
2021-04-14 15:28:35	a1c46fd1c924c9ff7710149508658c2f083f2a38e6bd2d351f81b0b68addc41c	exe	Loki
2021-04-14 07:22:09	bfce6aa3ec92c16510c461f26b9221daf14aaa4e664e3336e3511cf3b9fb19a4	exe	AgentTesla
2021-04-14 07:22:05	d9688de9e38c89e9e4f59047ae8683fae02ba397fa692a6606fb39628851722f	exe
2021-04-14 07:22:04	721339a36ab621f9aac5fb09e8e10d37e51149fddfd0d24f10b6761a45f456db	rtf	Loki
2021-04-14 07:22:04	50e51f844a0653a83e215e03926f3569954fe02882cc07d127c1d8056edc7d5d	rtf	Formbook