URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	5.252.155.72
Firstseen:	2025-01-22 08:09:04 UTC
Total malware sites :	6
Online malware sites :	0 (0%)
Offline Malware sites :	6 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-01-22 08:09:05	5.252.155.72		Not listed	AS215826 Partner-Hosting-LTD	PA	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2025-01-29 00:13:03	http://5.252.155.72/din.exe	Offline	opendir	DaveLikesMalwre
2025-01-29 00:12:04	http://5.252.155.72/yoda.exe	Offline	opendir Vidar	DaveLikesMalwre
2025-01-29 00:12:03	http://5.252.155.72/lem.exe	Offline	opendir Vidar	DaveLikesMalwre
2025-01-29 00:12:02	http://5.252.155.72/script.ps1	Offline	opendir	DaveLikesMalwre
2025-01-25 19:22:04	http://5.252.155.72/1.exe	Offline	ClickFix exe FakeCaptcha Vidar	DaveLikesMalwre
2025-01-22 08:09:05	http://5.252.155.72/test.hta	Offline	hta	lontze7

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2025-01-29 00:13:03	9bd5c090817f2552450f57d24e7d3b6984b30ec036a1cf0f34c4f6952b1b1284	exe
2025-01-29 00:12:04	b112123f490a0505d0c2722abc65d1285865c519ec9587fe72e988c38fc1fcbc	exe	Vidar
2025-01-29 00:12:03	d80007837ee60fe9537c76e6a3d45005a86ddc3e066e608b57e1d4430cb96df4	exe	Vidar
2025-01-25 19:22:04	33cab7cd9069c761a907a2498c2d496da5e9332412b13472710e774ca80c4b48	exe	Vidar