URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	5.152.205.160
Firstseen:	2022-04-07 08:07:03 UTC
Total malware sites :	4
Online malware sites :	0 (0%)
Offline Malware sites :	4 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2022-04-07 08:07:04	5.152.205.160	h5-152-205-160.host.redstation.co.uk	Not listed	AS20860 IOMART-AS	GB	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-04-12 12:05:06	http://5.152.205.160/600/vbc.exe	Offline	exe Loki opendir	abuse_ch
2022-04-11 07:57:04	http://5.152.205.160/923/vbc.exe	Offline	exe Loki opendir	abuse_ch
2022-04-07 08:07:04	http://5.152.205.160/234/vbc.exe	Offline	exe Loki opendir	abuse_ch
2022-04-07 08:07:04	http://5.152.205.160/233/vbc.exe	Offline	exe Loki opendir	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2022-04-12 12:05:06	9e302e72968dd1317f734d7d93d40803453d0811985d496c91d33d255e64b2dc	exe	Loki
2022-04-11 08:38:08	7dc5190b4a5ceb3a78d1af98d29f6445518a059c957636160e7fd420713dfc7a	exe	Loki
2022-04-11 07:57:04	b11dae861b1012288c0c51fdb12b47194f5ee8e4e5abc43e2e1df47bf2a008a2	exe	Loki
2022-04-07 11:12:42	b95bd9f7250dbc70a9f89ff05529cf74d2fa3cb28e512a1620ce71ae1d04ce4c	exe	Loki
2022-04-07 09:58:09	dbac3948a35ae44b1e43093d34888baf8f759ce2c5a6316bab07f9944c395112	exe	Loki
2022-04-07 08:07:04	cc6b4d28cbef35bd62c71355b72a54d9caf30c56214d9e41c56686d226b0f132	exe	Loki
2022-04-07 08:07:04	651fdd3a68e818a3c0e5c87d8880d8a36fc18a5b39f9c5dec64f03243246cff5	exe	Loki