URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	45.159.189.39
Firstseen:	2021-12-16 22:04:03 UTC
Total malware sites :	19
Online malware sites :	0 (0%)
Offline Malware sites :	19 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2021-12-16 22:04:04	45.159.189.39	orgagvscp.org.uk	Not listed	AS14576 HOSTING-SOLUTIONS	NL	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2021-12-18 16:08:06	http://45.159.189.39:8080/1/deployement_crypted...	Offline	32 exe RedLineStealer	zbetcheckin
2021-12-18 08:08:05	http://45.159.189.39:8080/1/Southering.exe	Offline	exe hfs RedLineStealer	abuse_ch
2021-12-18 08:08:05	http://45.159.189.39:8080/1/testRLv2.exe	Offline	exe hfs RedLineStealer	abuse_ch
2021-12-18 08:08:04	http://45.159.189.39:8080/1/TestOtSupa.exe	Offline	exe hfs RedLineStealer	abuse_ch
2021-12-18 08:08:04	http://45.159.189.39:8080/1/Manatee.exe	Offline	exe hfs RedLineStealer	abuse_ch
2021-12-18 08:08:04	http://45.159.189.39:8080/1/Stingingly.exe	Offline	exe hfs RedLineStealer	abuse_ch
2021-12-18 08:08:04	http://45.159.189.39:8080/1/oTradingPlatform.exe	Offline	exe hfs	abuse_ch
2021-12-18 08:08:04	http://45.159.189.39:8080/1/one_castro.exe	Offline	exe hfs RedLineStealer	abuse_ch
2021-12-18 08:08:04	http://45.159.189.39:8080/1/RewGlottidean.exe	Offline	exe hfs RedLineStealer	abuse_ch
2021-12-18 08:08:04	http://45.159.189.39:8080/1/castroMozgoeb3.exe	Offline	exe hfs RedLineStealer	abuse_ch
2021-12-18 08:08:03	http://45.159.189.39:8080/1/castroMozgoeb2.exe	Offline	exe hfs RedLineStealer	abuse_ch
2021-12-18 00:33:11	http://45.159.189.39:8080/1/setup.exe	Offline	exe RedLineStealer	Cryptolaemus1
2021-12-18 00:33:05	http://45.159.189.39:8080/1/a_2021-12-17_20-49.exe	Offline	Amadey exe	Cryptolaemus1
2021-12-18 00:33:04	http://45.159.189.39:8080/1/payload.exe	Offline	exe RedLineStealer	Cryptolaemus1
2021-12-17 21:15:05	http://45.159.189.39:8080/1/Caesura.exe	Offline	32 exe RedLineStealer	zbetcheckin
2021-12-17 01:21:05	http://45.159.189.39:8080/1/build_FullCrypt.exe	Offline	32 ArkeiStealer exe	zbetcheckin
2021-12-17 01:15:04	http://45.159.189.39:8080/1/Amusable.exe	Offline	32 exe RedLineStealer	zbetcheckin
2021-12-16 23:08:03	http://45.159.189.39:8080/1/EricaceousBlindness...	Offline	32 ArkeiStealer exe	zbetcheckin
2021-12-16 22:04:04	http://45.159.189.39:8080/1/1234.exe	Offline	32 exe RedLineStealer	zbetcheckin

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2021-12-18 16:08:05	1ccc0af2e57d00c53b91e8e191a9a3ce4692c87c4ae8a00035323c840f921708	exe	RedLineStealer
2021-12-18 08:08:05	18cd037dafda0a1a6af0cc72a5bfdfbae4a9c78f63708cd4fdd38048f5a4c87f	exe	RedLineStealer
2021-12-18 08:08:05	c4c8179ac2a2be1697ef244e5c8c4e70dd311b0f4a350c6fe1f05ddd69afc1f3	exe	RedLineStealer
2021-12-18 08:08:04	168cf1b514dcd2935f60fd9be6317d2eb3ab32908f3a46d6b7f339109044e8ec	exe	RedLineStealer
2021-12-18 08:08:04	74c5701189877d6ff1cee769cfb34bd211feebbd4ad1e03c4f5c609dffe184ac	exe	RedLineStealer
2021-12-18 08:08:04	98a293de8d3eb34cee5e3e8edc9f472323d13a997bdbd2806ac1fe483f5efd14	exe
2021-12-18 08:08:04	9ae164f0b4984b78928811ea2e6bf7d49dcbdba1fea2f17c0a017df925503173	exe	RedLineStealer
2021-12-18 08:08:04	337436e6e0d05430b7ea701871735f68d3df1e9aaca2dd3e1b4074bac5e9c6f2	exe	RedLineStealer
2021-12-18 08:08:03	3dbd5487b19aa019bade16d9061195230b742a45ddb2e411d0e6b7fac6778e17	exe	RedLineStealer
2021-12-18 08:08:03	33ba74ef9c6a96c68a0f95f518df17cfe61126d9605c483100661752440c47ab	exe	RedLineStealer
2021-12-18 08:08:03	56132bf8c1be4feeeb6aec15656688659ee0c9861f94519da8b94ced1801f2b2	exe	RedLineStealer
2021-12-18 00:33:11	e237102ecce153410e4609db0ec5986e2d874a5efe4c9ace10bd419e80dce974	exe	RedLineStealer
2021-12-18 00:33:05	bd1ae8b23302a17ef00d7a83024b0d7bcef71a279e98790b60a87c0981ac6ed5	exe	Amadey
2021-12-18 00:33:04	93debd2f5562df361e0df486f3aa3b23ea5fa6e2ed9865a00fa8c2c8ecd758f1	exe	RedLineStealer
2021-12-17 21:15:05	30ea2b66243b336c8c371b34d6588a3c5d08eb5eda6334342c5164098d900a60	exe	RedLineStealer
2021-12-17 01:21:05	9aedd52a94357051a0a8f8a3be9d8dafba18261ec1ff144d8fb52818bd35eb30	exe	ArkeiStealer
2021-12-17 01:15:04	f98e925c1ccab5e997e6e4e2349c4a31dcdfabebbf267d1bbf7943f35f0d4b57	exe	RedLineStealer
2021-12-16 23:08:03	ee74cc4361dafb970087e89d502f3fa9dc073a4e31baaf9d1f843c630431bdbd	exe	ArkeiStealer
2021-12-16 22:04:04	158d30a43656ba2b6d7eec494fad8aa7ae861b0132f24065d2cc42d9396e0ef1	exe	RedLineStealer