URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2025-05-04 10:18:14 | 91.195.240.94 | Not listed | AS47846 SEDO-AS |  DE | yes | |
| 2021-01-12 23:47:01 | 103.224.212.220 | lb-212-220.above.com | Not listed | AS133618 TRELLIAN-AS-AP |  AU | no |
| 2021-01-20 20:13:03 | 70.32.1.32 | ip-70.32.1.32.hosted.by.gigenet.com | Not listed | AS32181 ASN-GIGENET |  US | no |
| 2021-01-20 09:48:27 | 170.178.168.203 | becrawl-show.flatreutic.com | Not listed | AS46844 SHARKTECH | US | no |
| 2021-01-11 12:45:40 | 34.102.136.180 | 180.136.102.34.bc.googleusercontent.com | Not listed | AS396982 GOOGLE-CLOUD-PLATFORM | US | no |
| 2020-12-04 12:43:46 | 34.98.99.30 | 30.99.98.34.bc.googleusercontent.com | Not listed | AS396982 GOOGLE-CLOUD-PLATFORM | US | no |
| 2020-10-16 17:47:09 | 199.167.200.151 | surf.hblocal.co | Not listed | AS63410 PRIVATESYSTEMS | US | no |
| 2021-01-12 14:31:19 | 103.224.182.250 | lb-182-250.above.com | Not listed | AS133618 TRELLIAN-AS-AP | US | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2020-10-16 17:47:09 | http://damoreca.com/wp-admin/Pages/tnQmj1OX2j2/ | Offline | doc emotet  epoch1 heodo |  Cryptolaemus1 |
The table below shows recent payloads delivery by this host.