URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-07-31 20:34:31	34.198.182.201	ec2-34-198-182-201.compute-1.amazonaws.com	Not listed	AS14618 AMAZON-AES	US	yes
2025-04-27 13:31:45	172.208.104.174		Not listed	AS8075 MICROSOFT-CORP-MSN-AS-BLOCK	US	no
2019-01-09 19:24:10	72.185.26.229	072-185-026-229.res.spectrum.com	Not listed	AS33363 BHN-33363	US	no
2018-08-15 18:49:07	72.185.2.116	072-185-002-116.res.spectrum.com	Not listed	AS33363 BHN-33363	US	no
2018-05-10 19:47:05	65.35.2.135	gen-065-035-002-135.res.spectrum.com	Not listed	AS33363 BHN-33363	US	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2019-03-20 21:48:57	http://exploit.netreaperlab.com/files/malware/a...	Offline	exe wannacry	zbetcheckin
2019-03-20 21:39:05	http://exploit.netreaperlab.com/files/malware/a...	Offline	exe	zbetcheckin
2019-03-20 21:38:04	http://exploit.netreaperlab.com/files/malware/a...	Offline	exe	zbetcheckin
2019-03-20 21:26:06	http://exploit.netreaperlab.com/files/MALWARE/A...	Offline	exe	zbetcheckin
2019-03-20 21:25:21	http://exploit.netreaperlab.com/files/MALWARE/A...	Offline	exe	zbetcheckin
2019-03-20 21:24:09	http://exploit.netreaperlab.com/files/malware/a...	Offline	exe Locky	zbetcheckin
2019-03-20 21:03:11	http://exploit.netreaperlab.com/files/MALWARE/A...	Offline	exe	zbetcheckin
2019-03-20 17:55:07	http://exploit.netreaperlab.com/files/MALWARE/A...	Offline	exe	zbetcheckin
2018-05-10 19:47:05	http://exploit.netreaperlab.com/files/malware/2...	Offline	downloader exe	lovemalware

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2019-06-07 03:23:38	afaf08d570ae8089e5eda9116a16254c08e65afc31e8391b2fed3096f1755b6d	exe
2019-06-07 03:23:38	bd99b1c50390a48ce17a40f884a36c452db675d042d82db9268a1cfeeb27be25	exe
2019-06-07 03:23:35	b0c15350e83e1ef8adcbc333ef5440de9122e3078bf9511bb3989361a9043f53	exe
2019-06-06 03:33:37	12d92e6cccd8a4e069016181728a3d0f27cfe4583ab4f3222fadfa1d66b1cd01	exe
2019-06-06 03:33:36	49de4f96b3985fe620ff852a099d2a04af4f1eeca4a77a1ba9bd3db93ec2e0e9	exe
2019-06-04 03:10:50	4027a0e018386853e0140c16d879d04921bb52ef4b06b374356914c0dac0dab9	exe
2019-06-01 02:59:36	e9c0423f6f5fa0dec8878b6cfc53ddccf8c3551b9d9231f48e9f12c698174086	exe
2019-06-01 02:59:35	01fd538081565191be75077c5ace0e231146e014307dd32004a9cad5b6ad1d9c	exe
2019-05-30 03:34:00	ab0fbaeba9db9190490e07f6fb2256ea2704b5a8a13f67063989788c3d496431	exe
2019-05-30 02:48:13	b7dbbfabb938d29c1da96835aba9e7db3b414ecc1942c6b569ce434679444dce	exe
2019-05-30 02:48:01	247cb2856d6a82a365056ddab6cbe2a79c1569e6049df6aa498bb0ae82460c92	exe
2019-04-12 13:27:10	95d2b26368abdec068871e483b9d9f73e6fc2497dd6a1a0f80ff13ced0e40f90	exe
2019-03-20 21:48:57	ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa	exe		Ransomware.WannaCry
2019-03-20 21:39:05	e5c643f1d8ecc0fd739d0bbe4a1c6c7de2601d86ab0fff74fd89c40908654be5	exe
2019-03-20 21:38:04	02137e9426258e8d1186dc21ee344ffc5cdb3f068a6600ba1897fd9d27ccba43	exe
2019-03-20 21:26:06	c7dc529d8aae76b4e797e4e9e3ea7cd69669e6c3bb3f94d80f1974d1b9f69378	exe
2019-03-20 21:25:21	69e966e730557fde8fd84317cdef1ece00a8bb3470c0b58f3231e170168af169	exe		Rootkit.ZeroAccess
2019-03-20 21:24:09	a592bb700028529e0fe828be1a7cf5c1726cb7fe08a4d2c92fcea89cbcf0902a	exe		Locky
2019-03-20 21:03:11	5291232b297dfcb56f88b020ec7b896728f139b98cef7ab33d4f84c85a06d553	exe
2019-03-20 17:55:07	8cf50ae247445de2e570f19705236ed4b1e19f75ca15345e5f00857243bc0e9b	exe