URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2025-09-11 04:24:34 | 104.21.62.235 | Not listed | AS13335 CLOUDFLARENET | n/a | yes | |
| 2025-09-11 04:24:34 | 172.67.140.35 | Not listed | AS13335 CLOUDFLARENET | n/a | yes | |
| 2025-09-08 18:14:30 | 162.0.235.235 | premium159-2.web-hosting.com | Not listed | AS22612 NAMECHEAP-NET |  US | no |
| 2020-08-27 07:51:38 | 172.67.150.100 | Not listed | AS13335 CLOUDFLARENET | n/a | no | |
| 2020-08-31 03:32:39 | 75.2.109.121 | ae9d0fe0e9c2cb798.awsglobalaccelerator.com | Not listed | AS16509 AMAZON-02 | US | no |
| 2020-08-31 03:32:39 | 99.83.241.49 | ae9d0fe0e9c2cb798.awsglobalaccelerator.com | Not listed | AS16509 AMAZON-02 | US | no |
| 2020-08-06 04:45:33 | 198.54.120.146 | premium54-5.web-hosting.com | Not listed | AS22612 NAMECHEAP-NET | US | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2020-08-06 04:45:33 | https://jantehobe.com/wp-includes/lm/eyof0r5xt9d/ | Offline | doc emotet  epoch2 heodo Quakbot |  spamhaus |
The table below shows recent payloads delivery by this host.