URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2025-07-11 03:28:15 | 35.157.26.135 | ec2-35-157-26-135.eu-central-1.compute.amazonaws.com | Not listed | AS16509 AMAZON-02 |  DE | yes |
| 2025-07-03 13:41:20 | 63.176.8.218 | ec2-63-176-8-218.eu-central-1.compute.amazonaws.com | Not listed | AS16509 AMAZON-02 | DE | yes |
| 2025-09-09 19:35:04 | 13.248.213.45 | a67c48129651a0940.awsglobalaccelerator.com | Not listed | AS16509 AMAZON-02 |  US | no |
| 2025-09-09 19:35:04 | 76.223.67.189 | a67c48129651a0940.awsglobalaccelerator.com | Not listed | AS16509 AMAZON-02 | US | no |
| 2025-06-24 09:58:10 | 3.75.10.80 | ec2-3-75-10-80.eu-central-1.compute.amazonaws.com | Not listed | AS16509 AMAZON-02 | DE | no |
| 2025-06-23 08:19:35 | 3.124.100.143 | ec2-3-124-100-143.eu-central-1.compute.amazonaws.com | Not listed | AS16509 AMAZON-02 | DE | no |
| 2025-06-23 08:19:35 | 3.125.36.175 | ec2-3-125-36-175.eu-central-1.compute.amazonaws.com | Not listed | AS16509 AMAZON-02 | DE | no |
| 2025-04-28 21:14:19 | 162.241.114.163 | 162-241-114-163.webhostbox.net | Not listed | AS19871 NETWORK-SOLUTIONS-HOSTING | US | no |
| 2020-10-30 09:23:42 | 148.66.128.220 | Not listed | AS26496 AS-26496-GO-DADDY-COM-LLC |  SG | no | |
| 2021-01-17 08:37:15 | 34.102.136.180 | 180.136.102.34.bc.googleusercontent.com | Not listed | AS396982 GOOGLE-CLOUD-PLATFORM | US | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2020-10-26 16:40:05 | https://codeproofs.com/wp-includes/attachments/... | Offline | doc emotet  epoch1 heodo |  Cryptolaemus1 |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2020-10-26 18:10:35 | 7dd73bb83a80f251f38ee10a9e87dc0c65ea1b6319b121bc6dd84b68446eb22e | doc | Heodo | |
| 2020-10-26 17:44:47 | d90ed0030c1275bb1ddd893fd29e73bdcd9ba1321e78c8a7525f30e5786c4431 | doc | Heodo | |
| 2020-10-26 17:13:29 | 9255dec2362500265e1c7afeb2d980dbfc2d816005572c190cfc4aae80c303fa | doc | Heodo | |
| 2020-10-26 16:59:21 | ff5007b5761e068b27ecde2c4c2a63d1ffa24ad25ea98ec266369b5ed35d8d17 | doc | Heodo | |
| 2020-10-26 16:40:05 | e40119b79b78b7af1ed6f4baedd50ce50464d6676bd1622999b29ac56f867165 | doc | Heodo |