URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry


Host: 216.170.114.70
Firstseen: 2020-12-01 19:50:03 UTC
Total malware sites: 7
Online malware sites: 0 (0%)
Offline malware sites: 7 (100%)

IP addresses


The table below shows all IP addresses observed for this particular host (in case the host is a domain name, all A records will be listed, including all historical ones). Please note that the output is limited to 10 entries.

| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2020-12-01 19:50:16 | 216.170.114.70 | | Not listed | AS395339 DONNELLEY-FINANCIAL- | US | yes |

Malware URLs


The table below shows all malware URLs that are associated with this particular host.

| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2020-12-15 16:55:05 | http://216.170.114.70/regasm/chrome.exe | Offline | AZORult ext exe opendir | abuse_ch |
| 2020-12-04 19:01:04 | http://216.170.114.70/regasm/document.doc | Offline | AgentTesla ext | p5yb34m |
| 2020-12-04 19:00:07 | http://216.170.114.70/regasm/order.exe | Offline | AgentTesla ext exe | p5yb34m |
| 2020-12-03 15:54:06 | http://216.170.114.70/regasm/x.exe | Offline | exe | abuse_ch |
| 2020-12-02 10:42:05 | http://216.170.114.70/regasm/vbc.exe | Offline | AgentTesla ext exe | abuse_ch |
| 2020-12-02 01:13:03 | http://216.170.114.70/document.doc | Offline | RTF | zbetcheckin |
| 2020-12-01 19:50:16 | http://216.170.114.70/win/vbc.exe | Offline | AgentTesla ext exe opendir | abuse_ch |

The table below shows recent payloads delivered by this host.
