URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	cornelluniversityblog.com
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2021-01-20 06:48:04 UTC
Total malware sites :	9
Online malware sites :	0 (0%)
Offline Malware sites :	9 (100%)
A record(s) observed :	3

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	SBL	ASN	Country	Active?
2025-04-27 09:21:58	154.86.198.204	Not listed	AS134175 SH2206-AP	HK	yes
2021-01-30 17:50:30	209.208.111.236	Not listed	AS6364 ATLANTIC-NET-1	US	no
2021-01-20 06:48:06	94.23.169.237	Not listed	AS16276 OVH	FR	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2021-01-20 06:49:05	http://cornelluniversityblog.com/docxx/jo/jojoj...	Offline	AgentTesla exe opendir	abuse_ch
2021-01-20 06:49:05	http://cornelluniversityblog.com/docxx/ef/effp.exe	Offline	AgentTesla exe opendir	abuse_ch
2021-01-20 06:49:05	http://cornelluniversityblog.com/docxx/jas/omas...	Offline	AgentTesla exe opendir	abuse_ch
2021-01-20 06:49:05	http://cornelluniversityblog.com/docxx/bob/iym.exe	Offline	AgentTesla exe opendir	abuse_ch
2021-01-20 06:49:04	http://cornelluniversityblog.com/docxx/dj/musik...	Offline	AgentTesla exe opendir	abuse_ch
2021-01-20 06:49:04	http://cornelluniversityblog.com/docxx/fad/figg...	Offline	AgentTesla exe opendir	abuse_ch
2021-01-20 06:49:03	http://cornelluniversityblog.com/docxx/nel/DR1.exe	Offline	AgentTesla exe opendir	abuse_ch
2021-01-20 06:49:03	http://cornelluniversityblog.com/docxx/pal/PALL...	Offline	AgentTesla exe opendir	abuse_ch
2021-01-20 06:48:06	http://cornelluniversityblog.com/docxx/ik/admin...	Offline	AgentTesla exe opendir	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2021-01-20 06:49:05	43ae34f089374f6293998924525d9e8516c59bf2cd8150a7c01d6c565c85aa10	exe	AgentTesla
2021-01-20 06:49:05	74e35db0e018a83a1002237e7521e2cc0f2d03c6befa319d2b55c68f248f5bbd	exe	AgentTesla
2021-01-20 06:49:05	cfa46220d1b96e515eedbb82a0285229467f377ede30f732f7f6c48caba3ae1e	exe	AgentTesla
2021-01-20 06:49:05	1730e8fd738a26adbe3f0b31192adf6d4cc175f021b2d06e6278e36a43efef40	exe	AgentTesla
2021-01-20 06:49:04	74957e6668e2336b8892c3943890462ee2f7e7782d25b574e8184a3862a1b396	exe	AgentTesla
2021-01-20 06:49:04	5defd50046db301c82c85cc8306960982f576cbf5446f24062cc570dcf0becec	exe	AgentTesla
2021-01-20 06:49:03	8f8198fc76f32f907c255e1715f44deaabd4677f4cc708ecfd6afb1a50d9bcfc	exe	AgentTesla
2021-01-20 06:49:03	8948b3f93b1fe502e9b838271ac7e46f15e5a79ea0706a7834cedcbd0c10b7d9	exe	AgentTesla
2021-01-20 06:48:06	6cec4d45ec32bf036c8b5a513e029a5012c799e16acef1481e41822ba20dce8a	exe	AgentTesla