URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry


Host: 5.39.217.221
Firstseen: 2021-02-08 06:39:02 UTC
Total malware sites: 16
Online malware sites: 0 (0%)
Offline malware sites: 16 (100%)

IP addresses


The table below shows all IP addresses observed for this particular host (in case the host is a domain name, all A records will be listed, including all historical ones). Please note that the output is limited to 10 entries.

| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2021-02-08 06:39:03 | 5.39.217.221 | | Not listed | AS57043 HOSTKEY-AS | NL | yes |

Malware URLs


The table below shows all malware URLs that are associated with this particular host.

| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2021-03-23 07:15:04 | http://5.39.217.221/tnt/vbc.exe | Offline | AgentTesla exe Loki opendir | abuse_ch |
| 2021-03-22 08:57:03 | http://5.39.217.221/cnn/vbc.exe | Offline | AgentTesla exe | abuse_ch |
| 2021-03-19 07:12:03 | http://5.39.217.221/htdocs/vbc.exe | Offline | AgentTesla exe opendir | abuse_ch |
| 2021-03-17 19:15:03 | http://5.39.217.221/https/vbc.exe | Offline | AgentTesla dtloader | James_inthe_box |
| 2021-03-17 08:16:04 | http://5.39.217.221/win/vbc.exe | Offline | AgentTesla exe | zbetcheckin |
| 2021-03-17 06:35:03 | http://5.39.217.221/system/vbc.exe | Offline | AgentTesla exe opendir | abuse_ch |
| 2021-03-10 17:26:05 | http://5.39.217.221/www/win.exe | Offline | AgentTesla exe opendir | abuse_ch |
| 2021-03-05 10:28:04 | http://5.39.217.221/www/vbc.exe | Offline | AgentTesla exe | ffforward |
| 2021-03-01 13:12:04 | http://5.39.217.221/gst/document.doc | Offline | AgentTesla opendir RTF | abuse_ch |
| 2021-03-01 13:12:04 | http://5.39.217.221/gst/vbc.exe | Offline | AgentTesla exe opendir | abuse_ch |
| 2021-03-01 07:18:07 | http://5.39.217.221/wwww/ees.doc | Offline | AgentTesla RTF | abuse_ch |
| 2021-03-01 07:18:07 | http://5.39.217.221/wwww/vbc.exe | Offline | AgentTesla exe | abuse_ch |
| 2021-02-24 12:00:04 | http://5.39.217.221/node/vbc.exe | Offline | AgentTesla exe | abuse_ch |
| 2021-02-19 07:51:03 | http://5.39.217.221/win/document.doc | Offline | | abuse_ch |
| 2021-02-08 06:58:03 | http://5.39.217.221/svch/svch.exe | Offline | AgentTesla exe opendir | abuse_ch |
| 2021-02-08 06:39:03 | http://5.39.217.221/svch/document.doc | Offline | AgentTesla RTF | zbetcheckin |

The table below shows recent payloads delivered by this host.
