URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
IP addresses
The table below shows all IP addresses observed for this particular host (in case the host is a domain name, all A records will be listed, including all historical ones). Please note that the output is limited to 10 entries.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2021-01-15 08:13:01 | 104.21.82.204 | | Not listed | AS13335 CLOUDFLARENET | n/a | no |
| 2020-09-28 12:12:03 | 172.67.162.223 | | Not listed | AS13335 CLOUDFLARENET | n/a | no |
| 2020-11-10 20:38:58 | 198.199.85.159 | | Not listed | AS14061 DIGITALOCEAN-ASN | US | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2020-10-19 09:56:03 | http://jegsnet.com/wp-content/J/ | Offline | emotet | |
| 2020-10-19 09:29:04 | https://jegsnet.com/wp-content/J/ | Offline | emotet | |
| 2020-10-15 21:42:06 | https://jegsnet.com/wp-content/browse/mqjrkxxmz... | Offline | doc emotet | |
| 2020-10-05 08:34:33 | http://jegsnet.com/wp-content/X0/ | Offline | emotet | |
| 2020-10-05 07:44:04 | https://jegsnet.com/wp-content/X0/ | Offline | emotet | |
| 2020-10-01 01:44:04 | http://jegsnet.com/wp-content/browse/MXLm4Rages... | Offline | doc emotet | |
| 2020-09-30 12:35:04 | https://jegsnet.com/wp-content/browse/MXLm4Rage... | Offline | doc emotet | |
| 2020-09-28 12:12:03 | https://jegsnet.com/wp-content/lPr/ | Offline | emotet | |
The table below shows recent payloads delivered by this host.
| Firstseen (UTC) | SHA256 hash | File type | Signature | Bazaar |
|---|---|---|---|---|
| 2020-10-19 09:29:04 | 62e8bc9dd6745a755c8b7849b9575b23de6972edf239729dacb4960eccd97750 | exe | Heodo | |
| 2020-10-15 21:42:06 | 2955467d39aee8efaa08f284298b86e105ff6b8855c674bb41e38ca21d2c6bfe | doc | Heodo | |
| 2020-10-05 08:05:43 | 335c8e1163b18dc13112b03eeb3260affacdee0a1174e4245bc0dae2071bd94c | exe | Heodo | |
| 2020-10-05 07:44:04 | 4e4b12c04c871356dc8276b4734f94c5ca864400facb6d339f392252337e1c97 | exe | Heodo | |
| 2020-09-30 12:35:04 | c4d36a8bed7042aa9abc38d0883bc4e7916b275ffb51147b6ca9572e5fb496f4 | doc | Heodo | |
| 2020-09-28 13:10:16 | e043ada63bfe9a668663380eef6e2c604f22e3e4252d28adfc59403165ace445 | exe | Heodo | |
| 2020-09-28 12:53:23 | 221bae508e89aedc91853207621d37a92f7603c0ba937ac0d8fa3d7ca94072df | exe | Heodo | |
| 2020-09-28 12:24:50 | 46e50b56bad508580f2a9b1e93f00579d62a9e30782b2ecefb8ce658a6b8be0a | exe | Heodo | |
| 2020-09-28 12:12:02 | fa9f8c7bdbdb22d2a02d3357fc0bb2e8a0cd1d7531560feea87285a950726162 | exe | Heodo |