URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2019-07-19 04:55:45	209.99.40.222	209-99-40-222.fwd.datafoundry.com	Not listed	AS23005 SWITCH-LTD	US	no
2019-07-20 06:22:56	209.99.40.223	209-99-40-223.fwd.datafoundry.com	Not listed	AS23005 SWITCH-LTD	US	no
2018-07-31 19:14:26	108.178.29.162	162.29.178.108.unassigned.ord.singlehop.net	Not listed	AS32475 SINGLEHOP-LLC	US	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2018-08-08 07:31:09	http://bzoca.com/PAYMENT/VG81545DAUPDK/Aug-07-2...	Offline	doc emotet heodo	Anonymous
2018-08-07 02:50:15	http://bzoca.com/DOC/PHBR12029528573OKMS/138380...	Offline	doc emotet heodo	Cryptolaemus1
2018-08-03 12:01:15	http://bzoca.com/DOC/PHBR12029528573OKMS/138380...	Offline	doc emotet heodo	unixronin
2018-07-31 19:14:26	http://bzoca.com/default/Rechnungs-docs/RECH/Re...	Offline	doc emotet epoch2 heodo	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2018-08-08 07:31:09	bb15ee38d69336289ba4cb76d4b0126eb50de8fc5fe6e055280fa88444337970	doc		Heodo
2018-08-03 15:30:48	497be5f773cd826c4e352aef2ba0ceac18117e7709a3353a413eef2fddfef2ae	doc		Heodo
2018-08-01 20:42:52	ddfa667a6805bf8b9216feb8df15b1590c340914d7142aa142ecb858d117ba9b	doc		Heodo
2018-08-01 20:35:18	207f084b0cc2eb26c4a7c680a886e3f9bd65f45eed695d504743d6bbaafa9856	doc		Heodo
2018-08-01 16:42:30	e1e6f47f76667d41ff54aa4b94741b5a0faccc5ef1a002694b83a0816ab7722f	doc		Heodo