URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	npktechs.com
Domain registrar:	Public Domain Registry
Domain registration date:	2019-12-17 19:26:20 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2022-01-11 16:35:04 UTC
Total malware sites :	2
Online malware sites :	0 (0%)
Offline Malware sites :	2 (100%)
A record(s) observed :	11

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-07-17 13:44:36	103.180.236.111		Not listed	AS151734 WEBYNEDC-AS-IN	IN	yes
2025-07-12 17:26:43	138.201.201.168	static.168.201.201.138.clients.your-server.de	Not listed	AS24940 HETZNER-AS	DE	no
2023-02-12 12:12:00	104.21.61.194		Not listed	AS13335 CLOUDFLARENET	n/a	no
2023-02-12 12:12:06	172.67.213.89		Not listed	AS13335 CLOUDFLARENET	n/a	no
2022-12-17 21:48:04	188.114.96.3		Not listed	AS13335 CLOUDFLARENET	n/a	no
2022-12-17 21:48:04	188.114.97.3		Not listed	AS13335 CLOUDFLARENET	n/a	no
2022-12-18 12:44:07	188.114.96.9		Not listed	AS13335 CLOUDFLARENET	n/a	no
2022-12-18 12:44:07	188.114.97.9		Not listed	AS13335 CLOUDFLARENET	n/a	no
2022-10-27 23:41:22	144.76.3.233	nvme06.netcloudns.com	Not listed	AS24940 HETZNER-AS	DE	no
2022-01-26 19:24:12	88.99.66.27	static.27.66.99.88.clients.your-server.de	Not listed	AS24940 HETZNER-AS	DE	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-01-11 16:35:11	http://npktechs.com/b/JRYOT-35/?i=1	Offline	doc emotet epoch5 heodo	Cryptolaemus1
2022-01-11 16:35:05	http://npktechs.com/b/JRYOT-35/	Offline	emotet epoch5 redir-doc	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2022-01-11 17:45:19	bb42c503ef90a3b580fe241d3935057273211a16974921ce0999f778cfe35f7e	xlsm		Heodo
2022-01-11 17:23:46	6913af2de9271a92bd9c7c9afe4923a08f237459d7e1e03d171e96fa291e39ee	xlsm		Heodo
2022-01-11 17:15:41	79d5dd947b7300d32ff8facaa4720be444a2f7af9062654df5693bb426c9f3ab	xlsm		Heodo
2022-01-11 16:49:12	ea33d4681caae745548bdf42e52ffe5e63cedfb04acb9ec0aa32ac90d4f091c0	xlsm		Heodo
2022-01-11 16:35:10	314beb338f0644b4900ecc03c9ae919a0cb841f556fa61e02d205c281c278206	xlsm		Heodo
2022-01-11 16:35:05	2a35ffb8dc5704c4873a47a39c577099f92c0a6a7edf565364697e9a433c076e	html