URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | 180.214.239.216 |
|---|---|
| Firstseen: | 2022-02-09 07:47:02 UTC |
| Total malware sites : | 6 |
| Online malware sites : | 0 (0%) |
| Offline Malware sites : | 6 (100%) |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2022-02-09 07:47:06 | 180.214.239.216 | Not listed | AS135905 VNPT-AS-VN |  VN | yes |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2022-03-02 13:25:06 | http://180.214.239.216/__cloud88save/csrss.exe | Offline | exe Formbook  opendir |  abuse_ch |
| 2022-02-28 09:17:07 | http://180.214.239.216/space360/csrss.exe | Offline | exe Formbook opendir | abuse_ch |
| 2022-02-17 17:23:07 | http://180.214.239.216/Explorer10/csrss.exe | Offline | exe Formbook opendir | abuse_ch |
| 2022-02-16 19:30:07 | http://180.214.239.216/ProgramFile/csrss.exe | Offline | AgentTesla exe opendir | abuse_ch |
| 2022-02-14 07:21:06 | http://180.214.239.216/Program(x86)/csrss.exe | Offline | exe Formbook | abuse_ch |
| 2022-02-09 07:47:06 | http://180.214.239.216/mscloud/csrss.exe | Offline | AgentTesla exe | abuse_ch |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2022-03-02 13:25:06 | 1c5eb1ef71716f2a7498f3d8ee6d7aa936dac7cf4c4b920ec2c4ea8c90511824 | exe | Formbook | |
| 2022-02-28 09:17:07 | 7d0f884df7b5cb377f196e56b59689a99e3e43637b7cda4e9482e31c74a625f3 | exe | Formbook | |
| 2022-02-17 17:23:07 | 776233fa1eb951f0d8ea2d27b0da36048e6a17e1dabac5714074152ae68b8958 | exe | Formbook | |
| 2022-02-16 19:30:07 | 8e328f08c530f433084036d59800d85b4ba2911a77b9a8877226c69ee2b7aaef | exe | AgentTesla | |
| 2022-02-14 07:21:06 | 7612746d01cffc33f8f613b57bf35822aad22277ca6c071efe990dadd2fbc853 | exe | Formbook | |
| 2022-02-09 07:47:06 | 631d3e6f3fafa494521d25af6f0641b60b4944d6649af4b26f50c9d06789d7cd | exe | AgentTesla |