URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2026-01-29 13:08:40	103.138.189.58	s11643.sgp1.stableserver.net	Not listed	AS204800 WHG-SGP	SG	yes
2025-04-27 20:09:23	192.250.235.26	s1304.sgp1.mysecurecloudhost.com	Not listed	AS204800 WHG-SGP	GB	no
2022-12-23 17:44:10	207.148.117.199	s482.sgp9.mysecurecloudhost.com	Not listed	AS20473 AS-VULTR	SG	no
2023-06-16 19:08:12	199.59.243.223		Not listed	AS16509 AMAZON-02	US	no
2023-01-10 03:58:11	188.114.96.3		SBL690066	AS13335 CLOUDFLARENET	n/a	no
2023-01-10 03:58:11	188.114.97.3		SBL691350	AS13335 CLOUDFLARENET	n/a	no
2023-04-27 13:12:24	104.21.70.91		Not listed	AS13335 CLOUDFLARENET	n/a	no
2023-04-27 13:12:30	172.67.222.45		Not listed	AS13335 CLOUDFLARENET	n/a	no
2023-01-13 12:35:57	188.114.96.9		Not listed	AS13335 CLOUDFLARENET	n/a	no
2023-01-13 12:35:57	188.114.97.9		Not listed	AS13335 CLOUDFLARENET	n/a	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-12-23 17:44:10	http://mandalaagrifresh.com/blog/Cancellation_7...	Offline	10900 geofenced iso obama233 Qakbot qbot Quakbot USA zip	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2025-10-31 02:23:05	c3cef0d64c1f62713be5b27d586af79e9bb65d8ba78117c951c758d421aa1038	html
2025-09-27 16:58:41	00be7f643a12ac2221c9ba8df4fb34b3701c336fa830d24fe906c55364ef7b35	html
2022-12-24 22:15:27	08a44110fca717e9a82fa3a2cb728776db4dfe6410d504088ac68f7e799e90f3	zip
2022-12-24 20:25:34	743be7facfbdd33d5615f4d9e2f9941a73a6cf11de0265423ea0c0da30cd6245	zip
2022-12-24 19:05:21	180b0bb5babdf17fbc5ca775924bebdb9f75d14c03d2ec6ed86bc739779a6fbb	zip
2022-12-24 17:22:18	4abd6969c5db1c45c9382ded15acaad59a6587aae77f3f4b43265ae076c28f7d	zip
2022-12-24 15:29:42	aca896ac6726a437e686f3ccb66368e7a5c2effc5825d8bc72ec5696d66fd501	zip
2022-12-24 14:07:41	738a286e70b0f1a8d735db3b8b4c20aaabfbdeef1da15ea6b95da7f23f3f9dc9	zip
2022-12-24 11:58:30	bfe3a87866003b8f0647e65c5bd22d54270c7010bd4d7e86c454d1e4006c45e9	zip
2022-12-24 10:27:28	2422beb9fc76b09cd8ba7ebbb9a39106f9a3dfd9d6ca1fbe733838ef9e55ed59	zip
2022-12-24 09:17:10	ec893ff84ed1e33bad60e8ee2563d08cf77e65cbc4d387cef017f4074937dc26	zip
2022-12-24 08:16:47	954115b497ad5b1074b0a841987781fc37c0e5d3619dfaa2a51fb2cd61c3e1ad	zip
2022-12-24 08:09:58	776bb7a422a5f667e7f46f94ac581509e4b89d7736d0ce333e53a14c9f4d3b78	zip
2022-12-24 06:16:57	800d6b55f8591c60d01306b8c99488dcc6c2d11cfcb6dd720e59535ec1475635	zip
2022-12-24 04:29:33	e3b213442a8b9278b39bbe14df46446fe2f94ba9dde0762be7f18983fddeea52	zip
2022-12-24 02:32:20	3417e7cc2ca2b35057d6ecc0daabef7c9457310e600443b4cbba5f0be0747a34	zip
2022-12-24 00:26:38	ba9f2efd2e6ef3031895e641e3b68b8393e992916edee48590a5c5fb020085fa	zip
2022-12-23 23:22:41	d685319e95ac1bb62ec778345656832efa6b7f99c267d33915b043acab151271	zip
2022-12-23 22:10:02	bdddccac73f6cc1884b1425578fe8a5e8eb7a9d25a229a852136bebb748f6248	zip
2022-12-23 20:40:05	6c0db030e07dea94900bf154d9c0628193fa7bdbc70a4e9c029b22ae6ee1663d	zip
2022-12-23 19:39:17	f74a9cfe413640f2834f9e7ddc566df0531ade8c9686a20378d02dc84d0151a2	zip
2022-12-23 18:26:45	f02bc2def275e4786195ae2ac62da716173cc8a3c22e45df6b4f6395f77e30e9	zip
2022-12-23 17:44:10	ce564a4d81ce307fe67f9b5c9a85bed5aef94f17ab9808f2685ec4a5cdfdfcfd	zip