URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: 45.144.212.54
Firstseen:2026-01-15 07:49:05 UTC
Total malware sites :14
Online malware sites :13 (93%)
Offline Malware sites :1 (7%)
Newest active malware site :2026-01-15 07:49:11 UTC
Oldest active malware site :2026-01-15 07:49:10 UTC (Age: 1 day, 4 hours, 40 minutes)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2026-01-15 07:49:09 45.144.212.54SBL687164AS214940 KPRONET- UAyes

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2026-01-15 07:49:11http://45.144.212.54/BIN/richard.ps1Onlineascii opendir PhantomStealer powershell ps1 abuse_ch
2026-01-15 07:49:11http://45.144.212.54/BIN/sweet.ps1Onlineascii opendir powershell ps1 abuse_ch
2026-01-15 07:49:10http://45.144.212.54/BIN/eazyy.ps1Onlineascii AsyncRAT ext opendir powershell ps1 abuse_ch
2026-01-15 07:49:10http://45.144.212.54/BIN/EASY.ps1Onlineascii AsyncRAT ext opendir powershell ps1 abuse_ch
2026-01-15 07:49:10http://45.144.212.54/BIN/STEINFTPP.ps1OnlineAgentTesla ext ascii opendir powershell ps1 abuse_ch
2026-01-15 07:49:10http://45.144.212.54/BIN/eaz.ps1Onlineascii AsyncRAT ext opendir powershell ps1 abuse_ch
2026-01-15 07:49:10http://45.144.212.54/BIN/ikmero.ps1Onlineascii opendir powershell ps1 PureLogsStealer abuse_ch
2026-01-15 07:49:10http://45.144.212.54/BIN/eazyyyyyyy.ps1Onlineascii AsyncRAT ext opendir powershell ps1 abuse_ch
2026-01-15 07:49:10http://45.144.212.54/BIN/SECOND.ps1Onlineascii Formbook ext opendir powershell ps1 abuse_ch
2026-01-15 07:49:10http://45.144.212.54/BIN/tesst.ps1Onlineascii opendir powershell ps1 abuse_ch
2026-01-15 07:49:10http://45.144.212.54/BIN/ENCRYPTED.ps1Onlineascii opendir powershell ps1 abuse_ch
2026-01-15 07:49:10http://45.144.212.54/BIN/CU.ps1Onlineascii Formbook ext opendir powershell ps1 abuse_ch
2026-01-15 07:49:10http://45.144.212.54/BIN/newww.ps1Onlineascii opendir powershell ps1 abuse_ch
2026-01-15 07:49:09http://45.144.212.54/BIN/tessted.ps1Offlineascii opendir powershell ps1 abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2026-01-16 02:50:42fba347a260d78087750b071958b0d3a911ebea93b98a83bce712ce79f580922atxt AgentTesla
2026-01-16 01:21:14f4b9eef8e4ca04b9bef203109eab8639641ea0e8ee40e740b8743b436124cac1txt  
2026-01-15 07:49:11bf73f538cc8750a1fa878fa39ff1040b0520b005b7e2de3bc525223bc29d7c11ps1PhantomStealer
2026-01-15 07:49:117e1fb181d81621d1d4721fc574ad5e08b552aa9afe1ddbc20495054ede44ca7dps1 
2026-01-15 07:49:1002323ae6cf1211fe2cca692faefed667f3b53b222835513fee66f58d81b78283ps1AsyncRAT
2026-01-15 07:49:10b0f0b0021f713025260ef66b20bc58eaf21f789dfc79bf35552059369a857deaps1AsyncRAT
2026-01-15 07:49:10efb66153fb82e130439f0d5252bca14cfa5697f6c3523d56df2a41558e555b94ps1AgentTesla
2026-01-15 07:49:101644f13e5d0c4ad03970f04f894c8ef6fbba3fa99111e524932bbd70bb8d5fa7ps1AsyncRAT
2026-01-15 07:49:10316ea2aefdf2539f5cf1fdf4ac483725a708a658b98996e9dfdef48f95475de0txtPureLogsStealer
2026-01-15 07:49:10aef327fcbd792f763f374dea26310f6349b71d772907f4166325682266d07127txtAsyncRAT
2026-01-15 07:49:10dea7b8093cfdd19ab98eb2281539bb34333e7ba5102888e5ae4b07be63d1d27aps1Formbook
2026-01-15 07:49:10d73c7ce04f0dfdb56656fd9e1761ca31e4b9bb9724ecb16e98b6990d79e7b176ps1 
2026-01-15 07:49:102781dcf99bbe3aedd7ae2a9f9ca7d097676d1df2bd2fa3878e9874849bd0cbb6ps1 
2026-01-15 07:49:106a341d2ac8e12920f79ed4a9b7a509bca52d2eeba0e29d801a37afac4687333eps1Formbook
2026-01-15 07:49:1069f53644f954eccc8376ba769a59df7c43c5d98a2f1ba85f58a7d62369b5264atxt