URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | 209.54.102.132 |
|---|---|
| Firstseen: | 2026-03-12 15:46:05 UTC |
| Total malware sites : | 10 |
| Online malware sites : | 0 (0%) |
| Offline Malware sites : | 10 (100%) |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2026-03-12 15:46:08 | 209.54.102.132 | 209-54-102-132-host.colocrossing.com | Not listed | AS36352 AS-COLOCROSSING |  US | yes |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2026-03-14 19:13:09 | http://209.54.102.132/NenWhdghvRt253.bin | Offline | GuLoader  |  abuse_ch |
| 2026-03-14 19:13:08 | http://209.54.102.132/Skriveb.sea | Offline | GuLoader | abuse_ch |
| 2026-03-14 19:13:08 | http://209.54.102.132/FADVwMaAoAQUWwOet184.bin | Offline | GuLoader | abuse_ch |
| 2026-03-14 19:13:08 | http://209.54.102.132/Dejection179.msi | Offline | GuLoader | abuse_ch |
| 2026-03-12 19:56:07 | http://209.54.102.132/ZFSkDn73.bin | Offline | GuLoader | abuse_ch |
| 2026-03-12 19:05:09 | http://209.54.102.132/Granad244.pcz | Offline | AgentTesla |  JAMESWT_WT |
| 2026-03-12 19:05:09 | http://209.54.102.132/Progressi.hhk | Offline | JAMESWT_WT | |
| 2026-03-12 19:05:08 | http://209.54.102.132/qobCLhzlKw24.bin | Offline | JAMESWT_WT | |
| 2026-03-12 15:47:08 | http://209.54.102.132/Sexister.hhk | Offline | AgentTesla ascii Encoded GuLoader | abuse_ch |
| 2026-03-12 15:46:08 | http://209.54.102.132/ILitOryfRMXTjathX140.bin | Offline | AgentTesla encrypted GuLoader | abuse_ch |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2026-03-14 19:13:08 | f26acab813c16f21dc3b0e5d28dcd30142f92aa34f66a5ca62e8e2a0cc1f4060 | txt | ||
| 2026-03-14 19:13:08 | 0c9881b992e0da161ce64965303d0576f18c9d73e73fd6b5861c987376378637 | unknown | ||
| 2026-03-14 19:13:08 | 4d538ce96bd95628357924458d8229e16931f1ecf5a0713fdc6ac10029bf6ebe | txt | ||
| 2026-03-14 19:13:08 | 9a5c75d8c61dba161322ab376ac83c7737957aeada88795cd75f06495f53a63f | unknown | ||
| 2026-03-12 19:56:07 | c58ccc527813c65b3305513cd5ce9b48ef5ee8aff75e3e1cc75d4b198d0b9e8b | unknown | ||
| 2026-03-12 19:05:09 | c062faec9abdfd6a969c9d4659e6717818e8816a70dc628fd4d49ff188f7102f | txt | AgentTesla | |
| 2026-03-12 19:05:09 | 5dbda0b22e8204624be9042037e27bdfc0bfde693b3c8aba2b0b45c6731d7dd6 | txt | ||
| 2026-03-12 19:05:08 | bc6350a2380661c58de49f45656e5610eda7efe5f47201705692562946c0651b | unknown | ||
| 2026-03-12 15:47:07 | 76bbd24104e4294d89982510e1424e5aaced0f67e13f45b8231dd106023eea93 | txt | ||
| 2026-03-12 15:46:07 | ff25811474e09df97dc1c7bbe2aa212cdc268eeb8a054a0daba94a499f25bc4a | unknown |