URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name). This page shows all malware URLs that are associated with the host knightshadows.com.

Database Entry

Host: knightshadows.com
Spamhaus DBL:Not listed
SURBL:Not listed
Firstseen:2019-09-11 11:42:03 UTC

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones).

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2019-09-11 11:42:14 listedAS36352 AS-COLOCROSSING - ColoCrossing- USyes

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsGSBReporter
2019-09-11 13:56:06http://knightshadows.com/bu/sssss_outputB765AFF.exeOfflineexe Clean@abuse_ch
2019-09-11 13:55:57http://knightshadows.com/bu/sps.exeOfflineAgentTesla ext exe Clean@abuse_ch
2019-09-11 13:55:51http://knightshadows.com/bu/gabi.exeOfflineexe Clean@abuse_ch
2019-09-11 13:54:52http://knightshadows.com/bu/bu.exeOfflineAgentTesla ext exe Clean@abuse_ch
2019-09-11 13:53:57http://knightshadows.com/unger/likhjui_output8411B7F.exeOfflineAgentTesla ext exe Clean@abuse_ch
2019-09-11 13:44:06https://knightshadows.com/bu/bu.exeOfflineAgentTesla ext exe Clean@zbetcheckin
2019-09-11 13:37:44https://knightshadows.com/bu/sps.exeOfflineAgentTesla ext exe Clean@zbetcheckin
2019-09-11 11:42:14https://knightshadows.com/bu/sssss_outputB765AFF.exeOfflineClean@JAMESWT_MHT