URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2021-11-05 20:06:53 | 18.224.118.141 | ec2-18-224-118-141.us-east-2.compute.amazonaws.com | Not listed | AS16509 AMAZON-02 |  US | no |
| 2021-11-04 19:25:10 | 3.136.35.220 | ec2-3-136-35-220.us-east-2.compute.amazonaws.com | Not listed | AS16509 AMAZON-02 | US | no |
| 2021-10-28 20:16:56 | 3.14.206.87 | ec2-3-14-206-87.us-east-2.compute.amazonaws.com | Not listed | AS16509 AMAZON-02 | US | no |
| 2021-10-28 20:16:57 | 3.140.94.226 | ec2-3-140-94-226.us-east-2.compute.amazonaws.com | Not listed | AS16509 AMAZON-02 | US | no |
| 2021-11-03 15:54:50 | 3.142.112.3 | ec2-3-142-112-3.us-east-2.compute.amazonaws.com | Not listed | AS16509 AMAZON-02 | US | no |
| 2021-10-28 20:16:56 | 3.20.112.42 | ec2-3-20-112-42.us-east-2.compute.amazonaws.com | Not listed | AS16509 AMAZON-02 | US | no |
| 2021-08-12 04:23:56 | 99.83.154.118 | a51062ecadbb5a26e.awsglobalaccelerator.com | Not listed | AS16509 AMAZON-02 | US | no |
| 2021-01-22 20:18:04 | 104.21.67.213 | Not listed | AS13335 CLOUDFLARENET | n/a | no | |
| 2021-01-22 20:18:04 | 172.67.181.96 | Not listed | AS13335 CLOUDFLARENET | n/a | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2021-01-22 20:18:04 | http://cosmetics.zone/wp-content/ESNZUkGcCWBfHE... | Offline | doc emotet  epoch2 heodo |  Cryptolaemus1 |
The table below shows recent payloads delivery by this host.