URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-04-27 17:31:30	198.185.159.144		Not listed	AS53831 SQUARESPACE	US	yes
2025-04-27 17:31:30	198.185.159.145		Not listed	AS53831 SQUARESPACE	US	yes
2025-04-27 17:31:30	198.49.23.144		Not listed	AS53831 SQUARESPACE	US	yes
2025-04-27 17:31:30	198.49.23.145		Not listed	AS53831 SQUARESPACE	US	yes
2020-11-18 12:14:22	13.55.180.246	awcp011.server-cpanel.com	Not listed	AS16509 AMAZON-02	AU	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2020-11-18 12:14:22	http://oasisafrica.org.au/u69cayh.gif	Offline	dll Dridex	reecdeep

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2020-11-18 18:08:04	581a2419d8e96d3367e5ead5f7de2c743133db0e69e6f3721d4a99c9ebafda36	dll		Dridex
2020-11-18 15:23:48	a6dd0ab287f5ec1861244476be86389947ebc9539c7730c09ee9b679c48ba798	dll		Dridex
2020-11-18 14:52:07	0dfab637891eaf6ff9134a21c5200d677f6e915a25b43e8a4acc5fe90f793033	dll		Dridex
2020-11-18 14:17:14	77419f5d237715b7664ae53e806dea7465cdb6159f76a462fc31fcd731db5f2b	dll		Dridex
2020-11-18 13:21:07	2e38ae5201156a5b159173b3e8b6d274d16cc5da67040cf71580e9b3308d1be5	dll		Dridex
2020-11-18 12:14:22	ae9628344dfef9e22d8bb19fd5001329640ec5573c5503e3ae99788ef7b58f1c	dll		Dridex