URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2025-04-30 22:50:59 | 192.124.249.78 | cloudproxy10078.sucuri.net | Not listed | AS30148 SUCURI-SEC |  US | yes |
| 2025-04-30 22:50:59 | 3.39.214.124 | ec2-3-39-214-124.ap-northeast-2.compute.amazonaws.com | Not listed | AS16509 AMAZON-02 |  KR | yes |
| 2021-05-27 23:41:41 | 3.67.153.12 | ec2-3-67-153-12.eu-central-1.compute.amazonaws.com | Not listed | AS16509 AMAZON-02 |  DE | no |
| 2021-02-24 13:00:31 | 138.197.188.142 | prod-tvb.otticacapello.it | Not listed | AS14061 DIGITALOCEAN-ASN | DE | no |
| 2021-02-23 04:05:00 | 46.101.121.244 | Not listed | AS14061 DIGITALOCEAN-ASN | DE | no | |
| 2021-03-01 20:00:12 | 18.192.76.182 | ec2-18-192-76-182.eu-central-1.compute.amazonaws.com | Not listed | AS16509 AMAZON-02 | DE | no |
| 2021-02-19 21:16:44 | 159.65.118.56 | bkusapp.timesaving.lv | Not listed | AS14061 DIGITALOCEAN-ASN | DE | no |
| 2021-02-24 13:00:31 | 167.99.242.112 | Not listed | AS14061 DIGITALOCEAN-ASN | DE | no | |
| 2021-05-26 04:13:31 | 161.35.218.92 | daftarslot88.xyz | Not listed | AS14061 DIGITALOCEAN-ASN | DE | no |
| 2021-02-23 04:05:00 | 167.99.246.105 | Not listed | AS14061 DIGITALOCEAN-ASN | DE | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2020-10-22 17:16:06 | https://cuz-art.com/wp-admin/sites/rwc5bk8ltenr... | Offline | doc emotet  epoch3 heodo |  Cryptolaemus1 |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2020-10-23 21:38:27 | 59235980108e00a0011ebeca9348c5a39ef6d6ec0b052e15ddeb825e9c21e3d5 | doc | Heodo | |
| 2020-10-22 20:22:57 | 73c15020ef9bf16ef338a7808aeba33bed02253197dbf1251f68c3a954ead5b5 | doc | Heodo | |
| 2020-10-22 19:46:21 | 2a3debc28e12818dd54c53582337c7024a1cfb99138ea2baf06c6b45a36efc2b | doc | Heodo | |
| 2020-10-22 19:17:04 | 9192adc6ad055a6e640fd17c385e4aa7e88fad75617119f2f64efcec5dc4da19 | doc | Heodo | |
| 2020-10-22 18:47:49 | cd20ae1b00fceba422cc5bd5b2c7e42686f65e5ea4ef237340ffc7dd3e1a28f1 | doc | Heodo | |
| 2020-10-22 18:26:46 | a53f4bb796189439737207c506acde597330328109ac2d78b693d2d6a72e4ba8 | doc | Heodo | |
| 2020-10-22 18:08:11 | 2f11fb391c4e5106c86f7af02261b1ce605f84877b62af40538177fc258c9e05 | doc | Heodo | |
| 2020-10-22 17:27:53 | 01b228cd4f024acce23be7b762797915e8ece1d47c301e20f9596a98aed2acb5 | doc | Heodo | |
| 2020-10-22 17:16:06 | 74e16bd58ef88cfbc4267cf32b54a6444f5a01675811af2f8da025c1dd9e7272 | doc | Heodo |