URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name). This page shows all malware URLs that are associated with the host download.1ys.com.

Database Entry


Host:download.1ys.com
Spamhaus DBL:Abused domain (malware)
SURBL:Not listed
Firstseen:2019-01-26 05:03:03

IP addresses


The table below shows all IP address obsered for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones).

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2019-02-15 04:59:1545.116.210.98Not listedAS4847 CNIX-AP China Networks Inter-Exchange- CNno
2019-02-15 04:59:1545.116.210.99Not listedAS4847 CNIX-AP China Networks Inter-Exchange- CNno
2019-02-15 04:59:1545.116.210.97Not listedAS4847 CNIX-AP China Networks Inter-Exchange- CNno
2019-02-15 04:59:1545.116.210.100Not listedAS4847 CNIX-AP China Networks Inter-Exchange- CNno
2019-02-15 04:59:1445.116.210.101Not listedAS4847 CNIX-AP China Networks Inter-Exchange- CNno
2019-02-15 04:59:1445.116.210.102Not listedAS4847 CNIX-AP China Networks Inter-Exchange- CNno
2019-02-15 04:59:1445.116.210.95Not listedAS4847 CNIX-AP China Networks Inter-Exchange- CNno
2019-02-15 04:59:1445.116.210.96Not listedAS4847 CNIX-AP China Networks Inter-Exchange- CNno
2019-02-13 19:26:45122.246.20.202Not listedAS136188 CHINATELECOM-YUNNAN-DIQING-MAN Diqing- CNno
2019-02-12 11:59:41222.85.26.223223.26.85.222.broad.xc.ha.dynamic.163data.com.cnNot listedAS4134 CHINANET-BACKBONE No.31,Jin-rong Street- CNno
2019-02-11 13:04:4559.63.247.228Not listedAS134238 CT-JIANGXI-IDC CHINANET Jiangx province IDC network- CNno
2019-02-10 21:51:06103.85.147.228Not listedAS58852 GZGD Guizhou provincial radio and television information Network Inc- CNno
2019-02-10 21:51:06103.85.147.227Not listedAS58852 GZGD Guizhou provincial radio and television information Network Inc- CNno
2019-02-10 21:51:06103.85.147.231Not listedAS58852 GZGD Guizhou provincial radio and television information Network Inc- CNno
2019-02-10 21:51:06103.85.147.232Not listedAS58852 GZGD Guizhou provincial radio and television information Network Inc- CNno
2019-02-10 21:51:06103.85.147.234Not listedAS58852 GZGD Guizhou provincial radio and television information Network Inc- CNno
2019-02-10 21:51:06103.85.147.233Not listedAS58852 GZGD Guizhou provincial radio and television information Network Inc- CNno
2019-02-10 21:51:06103.85.147.230Not listedAS58852 GZGD Guizhou provincial radio and television information Network Inc- CNno
2019-02-10 21:51:06103.85.147.229Not listedAS58852 GZGD Guizhou provincial radio and television information Network Inc- CNno
2019-02-05 18:00:04140.249.60.226Not listedAS58541 CHINATELECOM-HUNAN-XIANGTAN-MAN Xiangtan- CNno
2019-02-04 20:57:21116.253.29.232Not listedAS4134 CHINANET-BACKBONE No.31,Jin-rong Street- CNno
2019-02-04 01:18:17121.194.7.228Not listedAS4538 ERX-CERNET-BKB China Education and Research Network Center- CNno
2019-02-03 09:53:39211.142.196.174Not listedAS24445 CMNET-V4HENAN-AS-AP Henan Mobile Communications Co.,Ltd- CNno
2019-02-03 04:11:26124.165.219.100100.219.165.124.adsl-pool.sx.cnNot listedAS4837 CHINA169-BACKBONE CHINA UNICOM China169 Backbone- CNno
2019-02-02 18:38:5743.249.132.241Not listedAS0 - CNno
2019-02-02 18:38:5743.249.132.240Not listedAS0 - CNno
2019-02-02 18:38:5743.249.132.235Not listedAS0 - CNno
2019-02-02 18:38:5743.249.132.239Not listedAS0 - CNno
2019-02-02 18:38:5743.249.132.238Not listedAS0 - CNno
2019-02-02 18:38:5743.249.132.237Not listedAS0 - CNno
2019-02-02 18:38:5743.249.132.236Not listedAS0 - CNno
2019-02-02 14:50:05211.144.94.27reserve.cableplus.com.cnNot listedAS9812 CNNIC-CN-COLNET Oriental Cable Network Co., Ltd.- CNno
2019-02-02 14:50:05219.233.32.248reserve.cableplus.com.cnNot listedAS9812 CNNIC-CN-COLNET Oriental Cable Network Co., Ltd.- CNno
2019-02-02 14:50:05219.233.32.253reserve.cableplus.com.cnNot listedAS9812 CNNIC-CN-COLNET Oriental Cable Network Co., Ltd.- CNno
2019-02-02 14:50:05219.233.32.252reserve.cableplus.com.cnNot listedAS9812 CNNIC-CN-COLNET Oriental Cable Network Co., Ltd.- CNno
2019-02-02 14:50:05219.233.32.251reserve.cableplus.com.cnNot listedAS9812 CNNIC-CN-COLNET Oriental Cable Network Co., Ltd.- CNno
2019-02-02 14:50:05219.233.32.250reserve.cableplus.com.cnNot listedAS9812 CNNIC-CN-COLNET Oriental Cable Network Co., Ltd.- CNno
2019-02-02 14:50:05219.233.32.249reserve.cableplus.com.cnNot listedAS9812 CNNIC-CN-COLNET Oriental Cable Network Co., Ltd.- CNno
2019-02-02 14:50:05211.144.94.24reserve.cableplus.com.cnNot listedAS9812 CNNIC-CN-COLNET Oriental Cable Network Co., Ltd.- CNno
2019-02-01 22:54:25183.218.12.249Not listedAS9808 CMNET-GD Guangdong Mobile Communication Co.Ltd.- CNno
2019-02-01 22:54:25183.218.12.241Not listedAS9808 CMNET-GD Guangdong Mobile Communication Co.Ltd.- CNno
2019-02-01 22:54:25183.218.12.246Not listedAS9808 CMNET-GD Guangdong Mobile Communication Co.Ltd.- CNno
2019-02-01 22:54:25183.218.12.245Not listedAS9808 CMNET-GD Guangdong Mobile Communication Co.Ltd.- CNno
2019-02-01 22:54:25183.218.12.242Not listedAS9808 CMNET-GD Guangdong Mobile Communication Co.Ltd.- CNno
2019-02-01 22:54:25183.218.12.248Not listedAS9808 CMNET-GD Guangdong Mobile Communication Co.Ltd.- CNno
2019-02-01 22:54:25183.218.12.243Not listedAS9808 CMNET-GD Guangdong Mobile Communication Co.Ltd.- CNno
2019-02-01 22:54:25183.218.12.244Not listedAS9808 CMNET-GD Guangdong Mobile Communication Co.Ltd.- CNno
2019-02-01 15:30:18111.47.247.6Not listedAS9808 CMNET-GD Guangdong Mobile Communication Co.Ltd.- CNno
2019-02-01 15:30:18111.47.247.2Not listedAS9808 CMNET-GD Guangdong Mobile Communication Co.Ltd.- CNno
2019-02-01 15:30:18111.47.247.3Not listedAS9808 CMNET-GD Guangdong Mobile Communication Co.Ltd.- CNno

Malware URLs


The table below shows all malware URLs that are associated with this particulare host.

Dateadded (UTC)URLStatusTagsGSBReporter
2019-02-09 14:00:21http://download.1ys.com/ys9.exeOnlineexe Clean@zbetcheckin
2019-01-26 05:03:10http://download.1ys.com/ys8.exeOnlineexe Clean@zbetcheckin