URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2025-07-18 05:30:58 | 66.81.203.132 | Not listed | AS40676 AS40676 |  VG | no | |
| 2025-07-18 05:30:58 | 66.81.203.197 | Not listed | AS40676 AS40676 | VG | no | |
| 2025-07-18 05:30:58 | 66.81.203.7 | Not listed | AS40676 AS40676 | VG | no | |
| 2025-04-30 18:12:16 | 198.54.125.101 | server264-1.web-hosting.com | Not listed | AS22612 NAMECHEAP-NET |  US | no |
| 2020-09-10 01:07:11 | 66.96.147.159 | 159.147.96.66.static.eigbox.net | Not listed | AS29873 BIZLAND-SD | US | no |
| 2020-08-13 17:30:01 | 107.154.147.95 | 107.154.147.95.ip.incapdns.net | Not listed | AS19551 INCAPSULA | US | no |
| 2020-08-13 17:30:01 | 45.60.97.95 | Not listed | AS19551 INCAPSULA | US | no | |
| 2020-07-21 23:55:11 | 66.96.149.1 | 1.149.96.66.static.eigbox.net | Not listed | AS29873 BIZLAND-SD | US | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2020-07-21 23:55:11 | http://kanmasleadership.com/wp-admin/FILE/qm12l... | Offline | doc emotet  epoch2 heodo |  spamhaus |
The table below shows recent payloads delivery by this host.