URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	hunters.org.cn
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2020-09-14 13:08:04 UTC
Total malware sites :	3
Online malware sites :	0 (0%)
Offline Malware sites :	3 (100%)
A record(s) observed :	5

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-04-29 05:42:08	154.95.161.100		Not listed	AS134175 SH2206-AP	HK	yes
2021-02-02 11:35:28	47.246.48.204		Not listed	AS24429 Taobao	NL	no
2020-10-07 09:29:35	119.3.180.32	ecs-119-3-180-32.compute.hwclouds-dns.com	Not listed	AS55990 HWCSNET	CN	no
2020-09-14 13:08:15	162.159.208.66		Not listed	AS13335 CLOUDFLARENET	n/a	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2020-09-18 15:03:19	http://hunters.org.cn/img/Documentation/	Offline	doc emotet epoch2 heodo	Cryptolaemus1
2020-09-16 19:23:35	http://hunters.org.cn/img/esp/hp8kzbgMcoUyDY/	Offline	doc emotet epoch1 heodo	Cryptolaemus1
2020-09-14 13:08:15	http://hunters.org.cn/img/lm/	Offline	doc emotet epoch2 heodo	spamhaus

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2020-09-18 15:03:19	13aab947e9fdbb36ecff78349f1c9de33441db50e5de1f273a73ed0c2a539db8	doc	Heodo
2020-09-16 21:10:24	65a375716183e1cd6f4dcefb005efb7a89b1be9c1012ee9d0505c03a56bde12c	doc	Heodo
2020-09-16 21:05:49	a4bf34957b238490108c4cba630f89765b964690efdd84422cdb0a4b1de81705	doc	Heodo
2020-09-16 20:44:53	e72a4199768c2c5b1fe87ac090e70c81dfb045f9797010e283a007b54d4b92a3	doc	Heodo
2020-09-16 20:27:16	2739238f59e8b6ed85a705dc05e968b4f2595b93bc9a1e6087b7b3af77ece5af	doc	Heodo
2020-09-16 20:10:52	780c2f4e7fc4198d2983c14591defb4ab57fac5f400fa038b96527eac04d3647	doc	Heodo
2020-09-16 19:46:34	4c4b899193138d5c65384410b57109a0fbf89f47fa7de6429dd4e1a6b1f96346	doc	Heodo
2020-09-16 19:23:35	01e0e9be37709253f18246f80fcad415a7ec1410a398b620861c1c7b1b3d403d	doc	Heodo
2020-09-14 17:06:26	ed410e106fe3f9f8bedec883afe4b7b0d0dea3b449ad26fa6f41aa69c0a78f80	doc	Heodo
2020-09-14 16:41:09	a3f6b39e72cc5764544ad0f6abcdddcabce1f34999a2d78268a80c5b4f8546f2	doc	Heodo
2020-09-14 16:24:05	b6583efe667a79067f7999a0b37d909ac38b9e82fd2e51fe65f320f9f0d5cdef	doc	Heodo
2020-09-14 16:00:46	6854581e81ae31b87095df739754ed6a3a572cbce33781e25b646a150e39505c	doc	Heodo
2020-09-14 15:56:12	65af960efb522275c12cbbc2902476854043df45ed96b435103aedcef02eecbe	doc	Heodo
2020-09-14 15:38:26	e4a9024be2fd969f3d64de3bcff992a2d29ad69e823b5ed145c96a395a013e19	doc	Heodo
2020-09-14 15:08:40	2ff4b7d7b02e82dce1df902e65b025fe06a6a66e3e4605ada4206d0eb2e33cd5	doc	Heodo
2020-09-14 14:41:45	6f94245cbc7d242d2ffa0fa4b3e3b3d5c9d3033df0482320fd014daba53f62e3	doc	Heodo
2020-09-14 14:34:52	6c582c81ef9f686301cf1a663938a08c6f793a3f45403b3d4d87da94d5eefc00	doc	Heodo
2020-09-14 14:10:20	bc08b7a8310a6206226dd767a9c4cc26dd5d5316ad80e399359db8c090294b43	doc	Heodo
2020-09-14 13:46:14	29727ccfff36705a0638c4b0127fc5ec22be60f05d542fd9e9f0f49f6827ef54	doc	Heodo
2020-09-14 13:17:33	358777fc6c34cc75ebc7d92ee6c2bd0b29eaf38c4a215fc317e920ab0f60476f	doc	Heodo
2020-09-14 13:08:14	9bd2a13b25bd80000de689abeba6e931e894f31798d57b111b8e3e4b8c784184	doc	Heodo