URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	jun.web.id
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2020-08-13 11:40:25 UTC
Total malware sites :	1
A record(s) observed :	4

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-05-12 10:47:15	103.196.152.177	ip-177-152-196-103.wjv-1.biznetg.io	Not listed	AS133800 IDNIC-BIZNETGIO-AS-ID	ID	yes
2025-04-27 13:02:12	103.152.119.134		Not listed	AS140443 IDNIC-HERZA-AS-ID	ID	no
2020-08-13 11:40:30	103.20.190.60	dara.empatdns.com	Not listed	AS45731 ARDH-AS-ID	ID	no
2025-08-06 16:10:19	103.253.215.19		Not listed	AS58487 CRI-AS-AP	ID	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2020-08-13 11:40:30	https://jun.web.id/files/MBpSS/	Offline	doc emotet epoch3 heodo	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2020-08-13 18:54:15	5068ac1fc3ea1af3eb637bed169df3a72f14ab7db56ff2996f718fbe8c05642e	doc	Heodo
2020-08-13 16:31:47	9c555a84e2b325b4c2d60e9dba477c087791380312f4c5c664d3ab4f1c47ab86	doc	Heodo
2020-08-13 15:20:07	e2b52ca08d4008fa9685112c5dfd20fcc5fb9d70c23426f9a30404ece51ca0d1	doc	Heodo
2020-08-13 11:40:30	335ffaa3c9914aabf84fec4cf13a891465b4c0c3700777b1fa2877df708b4c7e	doc	Heodo