URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
IP addresses
The table below shows all IP addresses observed for this particular host (in case the host is a domain name, all A records will be listed, including all historical ones). Please note that the output is limited to 10 entries.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2025-04-28 08:09:40 | 117.50.119.149 | | Not listed | AS4808 CHINA169-BJ | CN | no |
| 2020-09-28 05:28:23 | 101.36.218.119 | v11.bc.feishu.cn | Not listed | AS23724 CHINANET-IDC-BJ-AP | CN | no |
| 2020-08-12 13:34:41 | 129.226.163.2 | | Not listed | AS132203 TENCENT-NET-AP-CN | HK | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2020-08-12 13:54:12 | http://beijingdaixie.com/wp-includes/swift/9hh3... | Offline | doc emotet | |
| 2020-08-12 13:34:41 | http://beijingdaixie.com/wp-includes/swift/9hh3... | Offline | doc emotet | |
The table below shows recent payloads delivered by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2020-08-12 15:53:53 | 25263694227734da43c741c2d09b0f0aceb8cb2d9488378a2ea765c6c19be594 | doc | | Heodo |
| 2020-08-12 14:21:21 | 4020a8982e70b51b150cd40a837ea5dfceb35f0a6c9f9858b3fae5e00404ae62 | doc | | Heodo |
| 2020-08-12 14:05:02 | 5039852e09153172ff5ef82c3e169e6a8c73a0b9f50c3ccdfac9773c3918bc09 | doc | | Heodo |
| 2020-08-12 13:44:45 | d7f3277a4a174d159d4069701a2857edd60b6aee23a19b4cd8df9964b9db6634 | doc | | Heodo |
| 2020-08-12 13:34:39 | 56fb7bd9a61fd2c723055aa379f92c87b134c376217c523d018b8be2dce01300 | doc | | Heodo |