URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | 47.120.32.72 |
|---|---|
| Firstseen: | 2025-07-05 05:43:04 UTC |
| Total malware sites : | 6 |
| Online malware sites : | 1 (17%) |
| Offline Malware sites : | 5 (83%) |
| Newest active malware site : | 2026-01-23 16:31:07 UTC |
| Oldest active malware site : | 2026-01-23 16:31:07 UTC (Age: 22 days, 6 hours, 39 minutes) |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2025-07-05 05:43:21 | 47.120.32.72 | SBL692522 | AS37963 ALIBABA-CN-NET |  CN | yes |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2026-01-23 16:31:07 | http://47.120.32.72:8075/02.08.2022.exe | Online | censys CobaltStrike  |  DaveLikesMalwre |
| 2025-09-08 16:04:18 | http://47.120.32.72:8079/02.08.2022.exe | Offline | censys CobaltStrike | DaveLikesMalwre |
| 2025-08-28 16:07:18 | http://47.120.32.72:8069/02.08.2022.exe | Offline | censys CobaltStrike | DaveLikesMalwre |
| 2025-08-27 17:14:14 | http://47.120.32.72/02.08.2022.exe | Offline | censys CobaltStrike | DaveLikesMalwre |
| 2025-07-05 05:43:43 | http://47.120.32.72:8081/02.08.2022.exe | Offline | censys CobaltStrike | DaveLikesMalwre |
| 2025-07-05 05:43:21 | http://47.120.32.72:8080/02.08.2022.exe | Offline | censys CobaltStrike | DaveLikesMalwre |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2026-01-23 16:31:07 | 4d76963be244d3a779d2a5eaca64076a4de52a48568c5aab27f769a2d4e8ee3b | unknown | ||
| 2025-09-08 16:04:18 | 75d5ec56389539c6d0761adc484e77b8a391df22d4c90a17ef6ffacd75879c11 | unknown | ||
| 2025-08-28 16:07:18 | 0e116d64de47a7884a62c4e01971bf38801af7aeee217a34eace23889ecb867d | unknown | ||
| 2025-08-28 02:39:19 | 7c8c7d8b25da34be013572b8dcf20df3a8047bd3b862ae27ba7349310afc1750 | unknown | ||
| 2025-08-27 17:14:14 | 114b81e63862bca1d300b880b6d48de7ee05cb124099693d6b1d6326606a1eb3 | unknown | ||
| 2025-08-27 14:31:10 | 6e9bf2e1fc8863f39e71232adad8e0b01e4f800369460e165e4cce980a3ad0e1 | unknown | ||
| 2025-07-05 17:41:28 | 9ab56becbbce1f5284343a44692112b4ba4bd8d6c6ace743d16591b813b5482a | unknown | ||
| 2025-07-05 05:43:20 | f6eedc1ab72556e299439949d6b681240d88350167469f044e648894de9cd2c2 | unknown |