URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: nataliatraven.com
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Control D HaGeZi :Not blocked
Firstseen:2020-10-21 10:35:07 UTC
Total malware sites :1
A record(s) observed :20

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2025-12-07 02:22:57 154.219.125.3Not listedAS8796 FD-298-8796- USyes
2025-12-07 02:22:57 154.219.125.4Not listedAS8796 FD-298-8796- USyes
2025-11-19 14:39:04 154.80.236.95Not listedAS134175 SH2206-AP- HKno
2025-11-12 14:43:05 104.21.21.54Not listedAS13335 CLOUDFLARENETn/ano
2025-11-12 14:43:05 172.67.196.125Not listedAS13335 CLOUDFLARENETn/ano
2025-09-19 12:31:28 203.168.128.61Not listedAS209242 CLOUDFLARESPECTRUM- SGno
2025-10-18 08:56:55 35.194.163.1919.163.194.35.bc.googleusercontent.comNot listedAS396982 GOOGLE-CLOUD-PLATFORM- TWno
2025-09-27 14:14:52 47.82.81.232Not listedAS45102 ALIBABA-CN-NET- HKno
2025-09-27 14:14:52 43.247.134.59Not listedAS932 XNNET- HKno
2025-08-28 09:02:33 43.247.134.104Not listedAS932 XNNET- HKno

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2020-10-21 10:35:09http://nataliatraven.com/wp-admin/INC/D3Z6f4lvEm9/Offlinedoc emotet ext epoch1 heodo ext Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2020-10-21 10:35:09ee5d0b6e4f099ae7b0db0733a0eeb58498d3bc65201b26ba9e585aa42b5184ecdocHeodo