URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2021-12-25 07:35:10 | 104.21.69.68 | Not listed | AS13335 CLOUDFLARENET | n/a | no | |
| 2021-12-25 07:35:10 | 172.67.206.8 | Not listed | AS13335 CLOUDFLARENET | n/a | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2022-01-17 22:24:05 | https://centralcdmx.gq/wp-admin/ALTMV130004/ | Offline | emotet  epoch5 redir-doc xls |  sugimu_sec |
| 2022-01-13 03:17:11 | https://centralcdmx.gq/wp-admin/53442142_1285745/ | Offline | emotet epoch5 redir-doc |  Cryptolaemus1 |
| 2022-01-13 03:16:09 | https://centralcdmx.gq/wp-admin/53442142_128574... | Offline | doc emotet epoch5 heodo | Cryptolaemus1 |
| 2022-01-11 23:51:04 | https://centralcdmx.gq/wp-admin/114136_1916/?na... | Offline | emotet epoch5 redir-doc | Cryptolaemus1 |
| 2022-01-11 23:48:04 | https://centralcdmx.gq/wp-admin/114136_1916/ | Offline | emotet epoch5 redir-doc xls | waga_tw |
| 2022-01-11 23:47:07 | https://centralcdmx.gq/wp-admin/114136_1916/?i=1 | Offline | doc emotet epoch5 heodo | Cryptolaemus1 |
| 2021-12-25 07:35:10 | https://centralcdmx.gq/wp-admin/8S97evzLswdeitx... | Offline | doc emotet epoch4 heodo | Anonymous |
The table below shows recent payloads delivery by this host.