URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name). This page shows all malware URLs that are associated with the host medpatchrx.com.

Database Entry


Host:medpatchrx.com
Spamhaus DBL:Not listed
SURBL:Not listed
Firstseen:2018-11-27 09:51:05 UTC

IP addresses


The table below shows all IP address obsered for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones).

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2019-05-28 23:16:18184.168.221.53ip-184-168-221-53.ip.secureserver.netNot listedAS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC- USyes
2019-05-28 18:54:19184.168.221.45ip-184-168-221-45.ip.secureserver.netNot listedAS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC- USno
2019-05-25 10:52:3050.63.202.45ip-50-63-202-45.ip.secureserver.netNot listedAS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC- USno
2019-04-12 02:14:5050.63.202.41ip-50-63-202-41.ip.secureserver.netNot listedAS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC- USno
2019-04-11 03:44:0250.63.202.42ip-50-63-202-42.ip.secureserver.netNot listedAS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC- USno
2019-04-10 12:54:40184.168.221.63ip-184-168-221-63.ip.secureserver.netNot listedAS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC- USno
2019-04-10 06:54:5350.63.202.57ip-50-63-202-57.ip.secureserver.netNot listedAS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC- USno
2019-04-10 00:54:16184.168.221.44ip-184-168-221-44.ip.secureserver.netNot listedAS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC- USno
2019-04-08 06:45:5950.63.202.36ip-50-63-202-36.ip.secureserver.netNot listedAS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC- USno
2019-04-05 10:12:54184.168.221.49ip-184-168-221-49.ip.secureserver.netNot listedAS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC- USno
2019-04-05 00:39:01184.168.221.40ip-184-168-221-40.ip.secureserver.netNot listedAS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC- USno
2019-04-03 12:26:5550.63.202.46ip-50-63-202-46.ip.secureserver.netNot listedAS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC- USno
2019-04-03 06:29:5850.63.202.58ip-50-63-202-58.ip.secureserver.netNot listedAS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC- USno
2019-04-02 18:22:2550.63.202.34ip-50-63-202-34.ip.secureserver.netNot listedAS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC- USno
2018-11-27 09:51:06198.71.233.214ip-198-71-233-214.ip.secureserver.netNot listedAS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC- USno

Malware URLs


The table below shows all malware URLs that are associated with this particulare host.

Dateadded (UTC)URLStatusTagsGSBReporter
2018-12-17 16:49:38http://medpatchrx.com/NaLk-gvrXlMXZMSk25e_MhjNsVOmB-Z2/Offlinedoc emotet heodo CleanAnonymous
2018-12-14 12:23:12http://medpatchrx.com/6Fqd47epBFymYjzq/de_DE/Firmenkunden/Offlineemotet epoch2 heodo Clean@Cryptolaemus1
2018-12-12 09:28:13http://medpatchrx.com/Telekom/Rechnung/112018/Offlineemotet epoch1 heodo Clean@Cryptolaemus1
2018-12-07 00:52:12http://medpatchrx.com/Document/En/Important-Please-Read/Offlinedoc emotet epoch2 heodo Clean@Cryptolaemus1
2018-12-07 00:52:11http://medpatchrx.com/Document/En/Important-Please-ReadOfflinedoc emotet epoch2 heodo Clean@Cryptolaemus1
2018-12-05 00:53:03http://medpatchrx.com/files/US/Invoice-for-h/z-11/30/2018Offlinedoc heodo Clean@zbetcheckin
2018-11-28 04:10:48http://medpatchrx.com/245PPS/BIZ/Personal/Offlinedoc emotet epoch2 Gozi heodo Clean@Cryptolaemus1
2018-11-27 09:51:06http://medpatchrx.com/245PPS/BIZ/PersonalOfflinedoc emotet Gozi heodo CleanAnonymous