URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-04-27 15:44:22	164.70.117.121	164-70-117-121.indigo.static.arena.ne.jp	Not listed	AS2514 MAINT-JPNIC	JP	yes
2023-01-21 15:53:57	49.212.198.171	www2931.sakura.ne.jp	Not listed	AS9371 MAINT-JPNIC	JP	no
2022-07-06 19:29:11	117.20.100.221		Not listed	AS9597 MAINT-JPNIC	JP	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-07-06 19:29:11	http://k-s-j.jp/contact/r3a9keM/	Offline	dll emotet epoch4 heodo	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2022-07-07 04:48:53	782fb05eb494a038ce6858c15b17bda4f2cf68ff2e7daa56368648e27053c39a	dll		Heodo
2022-07-07 04:34:20	1123635acc3cf802b7df17aceec46df07ce5b562e732d020a0f90416ebe5c8e3	dll		Heodo
2022-07-07 04:17:04	6edf14409ef9357405afe7ff914a9b5cdab92639255b6ad8626d046ccc796e7c	dll		Heodo
2022-07-07 04:05:44	4e9a4d3d88aee65cfd9aa94861adfcb428b33b07c381e10afedfb4bfd30ace50	dll		Heodo
2022-07-07 03:46:26	e7c619c2e7ed2d2647431b2ee72529ddd3b6d0a2b95afda1309982ce66aa5e5c	dll		Heodo
2022-07-07 03:36:00	a57681e64833b30f0147a76fc654523d5b07429029a722b8e860357f719a82be	dll		Heodo
2022-07-07 03:16:28	9e855a6f1cb6fb576cd0ca67f42fb1c8073232e2d46d17d18db296976f601d5d	dll		Heodo
2022-07-07 02:51:13	64b6aee582e1f311dc78b65182562a38dcd6f2cc3f7120564827569efa200f51	dll		Heodo
2022-07-07 02:30:35	d5b827b3a555b53cb9e087627f576fe86f41ce492f9b9f3519bcc91bf6441c15	dll		Heodo
2022-07-07 02:18:25	5939da25e3aa4fc6b598cf3ddead00276eb15be44624740966d3c64ccb3f4862	dll		Heodo
2022-07-07 02:02:15	60167cc0f8ad7b3a1ae72f161d14e129d001240f8d85381a83237957a1ee00f8	dll		Heodo
2022-07-07 01:38:27	fe6c46d477a2fa65c886b32b99b1030582bdd01018655653b07a7812dbc4e55b	dll		Heodo
2022-07-07 01:20:18	2623ce87500c6a045b428e571963f474678dd0db99980f6da1318b37a7f989de	dll		Heodo
2022-07-07 00:57:06	a189983c06b5e04e60cd4382e8c9f33cf71e864d308cf5c75520e977a7f91f19	dll		Heodo
2022-07-07 00:33:03	2ef294e34bc959bccd33090cc9534156279cd9b228ef3f03541ced0625a72fa5	dll		Heodo
2022-07-07 00:12:25	46a3a708ebcde2ac15fd4b6f694a5fde7dbacf4aa215210e4851293943192b38	dll		Heodo
2022-07-06 23:59:13	654506ce48d757e351a8d4150adc0d245a1be8e3b87ab56e5b8ff0b4b7964c2a	dll		Heodo
2022-07-06 23:32:27	02c4a53f01e42f6d2e156c6fab0875bbd41e967c586bb2ea33114bb14db6ff16	dll		Heodo
2022-07-06 23:06:17	cfe796cacf923dcfa1c84f6cb379a3db2884911d94a992665720c28eb0ac4806	dll		Heodo
2022-07-06 22:31:42	3e32fc3c0c55d11fceb495d80c13aa8818d9e91cdcea7968f0b17cf607f57cbb	dll		Heodo
2022-07-06 22:19:31	0d42a5132635be6243a142115825c1e2913ff4828ac127c9360a9d5249f3f9ea	dll		Heodo
2022-07-06 22:13:11	1562e7aed39514779d6ee3e01bc7c373ec405e71879f56a5da8c580979e79702	dll		Heodo
2022-07-06 21:52:33	baa2f0015ff1f0f5482f1bb18bb29bff14b8a945eb828a1b9ee9849d0010a56a	dll		Heodo
2022-07-06 21:29:32	451ed0eafb6209fa12587f27f464c48d303cf496ea3de01ef8cefb4f4c91625e	dll		Heodo
2022-07-06 21:17:49	9794de660002d19916728262f9f1a5e8512a7de010a55d056b3adc151b586751	dll		Heodo
2022-07-06 21:02:10	626b602f68ec5406cd87e7834372662d75cec821b61830be4550400b418371c6	dll		Heodo
2022-07-06 20:34:56	12314f1ebfd155a90d0f9de1e61f6f73d4c637c562ae5b3f7af16591fae3d305	dll		Heodo
2022-07-06 20:12:37	84c4149aa07be8c1e244839bdd9dfd2eb7e7bc4b9fa7d3b90098e0230baec6a8	dll		Heodo
2022-07-06 19:44:44	4ab5d71a034306e5b4304ce18b80962bb26e9e05adb083827a2a47619b4a05e4	dll		Heodo
2022-07-06 19:29:10	8b96669c1d75d530e75aafa6eacd6094645b6df705a4f556a84af13d6009d6f0	dll		Heodo