URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	codesparrow.net
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2022-11-26 10:06:08 UTC
Total malware sites :	7
Online malware sites :	0 (0%)
Offline Malware sites :	7 (100%)
A record(s) observed :	6

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2023-01-09 01:14:24	216.239.32.21	any-in-2015.1e100.net	Not listed	AS15169 GOOGLE	US	no
2023-01-09 01:14:24	216.239.34.21	any-in-2215.1e100.net	Not listed	AS15169 GOOGLE	US	no
2023-01-09 01:14:24	216.239.36.21	any-in-2415.1e100.net	Not listed	AS15169 GOOGLE	US	no
2023-01-09 01:14:24	216.239.38.21	any-in-2615.1e100.net	Not listed	AS15169 GOOGLE	US	no
2022-11-26 10:06:14	104.21.31.135		Not listed	AS13335 CLOUDFLARENET	n/a	no
2022-11-26 10:06:15	172.67.176.142		Not listed	AS13335 CLOUDFLARENET	n/a	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-11-27 05:46:10	http://codesparrow.net/origin.exe	Offline	32 AgentTesla exe	zbetcheckin
2022-11-26 10:07:10	http://codesparrow.net/Done.Ps1	Offline	AgentTesla	abuse_ch
2022-11-26 10:07:09	http://codesparrow.net/hey.pdf	Offline		abuse_ch
2022-11-26 10:07:09	http://codesparrow.net/ez.Ps1	Offline		abuse_ch
2022-11-26 10:06:20	http://codesparrow.net/RunPe.dll	Offline	dll	abuse_ch
2022-11-26 10:06:20	http://codesparrow.net/oz.exe	Offline	AgentTesla exe	abuse_ch
2022-11-26 10:06:15	http://codesparrow.net/originnew.exe	Offline	AgentTesla exe	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2022-11-27 05:46:10	370aa8e99d8347708a134cd677295f86faaca3f084c543b2f64b67ef5eeec780	exe	AgentTesla
2022-11-26 10:07:10	beeb242bb1a4ffa7cc706ac482236afb457d52ffdb0defcde160528b858c6b03	txt	AgentTesla
2022-11-26 10:07:09	3da1e70162ceb08ad645c104994c7bf2be617ab483a6ba64ac25c05f63c52a05	dll
2022-11-26 10:07:09	cb94129961f8d8a26ce13e84d199ea1733057adea3c0754abcf7310fa03443d4	txt
2022-11-26 10:06:09	d3eeb44651622553b13bca65755ab7714b54b88f9653c1d08ea2c8ea14048aa6	exe	AgentTesla
2022-11-26 10:06:09	36f6f5876d3a1aa7dca337a435f3a9a38802ffa557e9b0e0501ae34c11e53e80	dll
2022-11-26 10:06:09	d3eeb44651622553b13bca65755ab7714b54b88f9653c1d08ea2c8ea14048aa6	exe	AgentTesla