URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-04-28 01:31:10	81.169.145.93	w8d.rzone.de	Not listed	AS6724 STRATO	DE	yes
2021-04-15 22:41:42	193.141.3.72	a08.rzone.de	Not listed	AS6724 STRATO	DE	no
2020-12-05 13:58:24	81.169.145.165	wa5.rzone.de	Not listed	AS6724 STRATO	DE	no
2020-10-20 22:54:04	81.169.145.78	w0e.rzone.de	Not listed	AS6724 STRATO	DE	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2020-10-20 22:54:04	http://euroasia-nord.com/cgi-bin/paclm/55631/ei...	Offline	doc emotet epoch3 heodo	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2020-10-21 13:04:02	90828b96547b35641ebd76b91c0200f8f057974be00f528002acf24663c9991f	doc		Heodo
2020-10-21 12:44:31	3498119a8fd01f12eb785bef90aa0db0abec22057cb338983fee714f612b6fec	doc		Heodo
2020-10-21 12:32:28	2808f5432076507429694409af31703a91c9d7e104800e8465efbd76926928fc	doc		Heodo
2020-10-21 11:46:17	7a71bbbd54d2b129ef434d1379aeaf528d643d1cabbbac8bde1666c9e5069994	doc		Heodo
2020-10-21 11:26:18	12abe2772542ac1ffc94f0b0e88db86ca97976a83a371d0ce054b72a8ed1053f	doc		Heodo
2020-10-21 10:42:26	91035b90b049084cf646a402da658c7b597a1b91434700caf2078db72bddc492	doc		Heodo
2020-10-21 10:00:51	54fe1cf0018e05fbdc865d2ba611867828c9db66dc76d675b6961ec3bddcec2f	doc		Heodo
2020-10-21 09:46:56	326dc3efbb3c157a00369c8ec16b1c404b95a85458b0417cccc92282178a4496	doc		Heodo
2020-10-21 09:28:13	f04b54a77865e9bd2ae776e358fee27eb02b42b02ca3bbf7072b2bf1eabf3957	doc		Heodo
2020-10-21 08:43:26	e9a60c57f83826d551499e5bf6d5e52d163e80c8348699eb508d92f926cacb91	doc		Heodo
2020-10-21 08:32:03	1c615910d79aa7763683cab844eb3542e60cdc0b9052bf2649a0fe8034ccaa51	doc		Heodo
2020-10-21 08:19:50	a5c730efa90e29c1794f91ceb2bb26d784adfc5cb4390d2421a94306174cf8d2	doc		Heodo
2020-10-21 07:53:40	2fab8ee623560cbdc4149b133dc5e91286af95e669d97e19523063c9537a27a6	doc		Heodo
2020-10-21 07:37:55	b1b68ff6e12d54572db4fa1a768108587786836e5e1c79f860f32d78e5f722e7	doc		Heodo
2020-10-21 04:07:01	d8e0f462d8d75918d376254506d8d9ca846f6fa1f33076a091cd9f61832efbc2	doc		Heodo
2020-10-21 03:28:57	a190cc4bd4d39b253f7e560cdf793dd829f74b0f816bbddc666525007a02412f	doc		Heodo
2020-10-21 03:06:07	19a709ff8ecb374af7e40714b3ff541cc7753c7e69a7f0250d797356cd4ccb59	doc		Heodo
2020-10-21 02:39:22	cbc98038cc0dab8d10dbfa4950f8228777c05eee346ce80ab1f2002c51939ac1	doc		Heodo
2020-10-21 02:23:29	5ab195348086d508a9be2e1c480fa60e9de009a7f057dbaf696f8468ec4fe0f5	doc		Heodo
2020-10-21 01:45:07	8d8971cd4eb8a2c26f5263e44299f9f468d43614dcccdcfae564420d264e0d29	doc		Heodo
2020-10-21 01:33:33	29cdc20b4b547e832ab1e9c0eeff5b71201efe4262d8d542a8b359131f26ed1a	doc		Heodo
2020-10-21 01:10:41	a4b9c8bd73e09cac4fa51d9601686766c566cc1afcba7986eb46da97f56449d5	doc		Heodo
2020-10-21 00:50:51	df9211fe12de3974165e9b876ac971eb94c70c83d54a06ccc3028a91eb92c7f4	doc		Heodo
2020-10-21 00:21:03	31b6905dac8845a6ec882d8c569a76792cf589be6591ec8270168d35a8047a3f	doc		Heodo
2020-10-20 23:45:30	46771e0edd6c8d5e7018f34426fd4813d4b5293bc1b20def01e9c6e5e2cd632a	doc		Heodo
2020-10-20 22:54:04	368608fc48be7d6239425f9a9e23b2aa19d22aaa001796c8c0e391858bd2932e	doc		Heodo