URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | 198.12.91.239 |
|---|---|
| Firstseen: | 2022-06-20 10:02:03 UTC |
| Total malware sites : | 5 |
| Online malware sites : | 0 (0%) |
| Offline Malware sites : | 5 (100%) |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2022-06-20 10:02:09 | 198.12.91.239 | 198-12-91-239-host.colocrossing.com | Not listed | AS36352 AS-COLOCROSSING |  US | yes |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2022-07-07 05:50:05 | http://198.12.91.239/ark.exe | Offline | AgentTesla  exe |  abuse_ch |
| 2022-06-29 16:13:05 | http://198.12.91.239/blessed.exe | Offline | AgentTesla exe | abuse_ch |
| 2022-06-28 09:05:05 | http://198.12.91.239/sbuka.exe | Offline | exe Formbook | abuse_ch |
| 2022-06-27 12:45:05 | Http://198.12.91.239/bless.exe | Offline | AgentTesla |  James_inthe_box |
| 2022-06-20 10:02:09 | http://198.12.91.239/lee.exe | Offline | AgentTesla exe | abuse_ch |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2022-07-14 13:41:23 | 0dd10180a7db757bfbde051f6c0f259c9f7be1adb8dc128cdf5135a923e74384 | exe | AgentTesla | |
| 2022-07-12 14:22:27 | fcc40d69d8a637d5c2c9d18d20d2128fcfb5406574b8b45dd9cf84a3c0a2351e | exe | AgentTesla | |
| 2022-07-07 05:50:05 | 0a0d52483af98fd6bfb36625f347b48206b1d3d20d181ac40af965c3865d4cb9 | exe | AgentTesla | |
| 2022-07-05 11:37:33 | b409b98027eeced5588f596f09cca2f546e4e2b602ceeb6f946fdd9bb3a6c53c | exe | ||
| 2022-06-30 06:07:41 | 3af827d41517b2cf8d28a7448fdfada747053a62854b0dd92af9ffd468898fdd | exe | AgentTesla | |
| 2022-06-29 16:13:05 | 637725a330de0e065671e9adee92835bd542ba55e98055609934cf040d08336c | exe | AgentTesla | |
| 2022-06-28 09:05:05 | 0cfac9ebd9e0bb5a2f128f38b9879e4f103208c8559a68a18bb099fa2b8bf18e | exe | Formbook | |
| 2022-06-27 12:45:05 | d8b4bd718272cfed8b97ecf826452d99f7fe0ea34655e640bfb911a2fac6c652 | exe | AgentTesla | |
| 2022-06-20 10:02:05 | dfa5acb86806632fa7a681304551761050faea1debe25bc383e7d16fc47ba0b9 | exe | AgentTesla |