URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name). This page shows all malware URLs that are associated with the host knightshadows.com.

Database Entry


Host: knightshadows.com
Spamhaus DBL :Not listed
SURBL :Not listed
Quad9 :Not blocked
AdGuard :Blocked link
Firstseen:2019-09-11 11:42:03 UTC
Malware URLs:8
A records observed:1

IP addresses


The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2019-09-11 11:42:14 23.95.61.2823-95-61-28-host.colocrossing.comNot listedAS36352 AS-COLOCROSSING- USyes

Malware URLs


The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2019-09-11 13:56:06http://knightshadows.com/bu/sssss_outputB765AFF.exeOfflineexe @abuse_ch
2019-09-11 13:55:57http://knightshadows.com/bu/sps.exeOfflineAgentTesla ext exe @abuse_ch
2019-09-11 13:55:51http://knightshadows.com/bu/gabi.exeOfflineexe @abuse_ch
2019-09-11 13:54:52http://knightshadows.com/bu/bu.exeOfflineAgentTesla ext exe @abuse_ch
2019-09-11 13:53:57http://knightshadows.com/unger/likhjui_output8411B7F.exeOfflineAgentTesla ext exe @abuse_ch
2019-09-11 13:44:06https://knightshadows.com/bu/bu.exeOfflineAgentTesla ext exe @zbetcheckin
2019-09-11 13:37:44https://knightshadows.com/bu/sps.exeOfflineAgentTesla ext exe @zbetcheckin
2019-09-11 11:42:14https://knightshadows.com/bu/sssss_outputB765AFF.exeOffline@JAMESWT_MHT