URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2023-05-16 09:48:37	103.142.195.199		Not listed	AS139377 IDNIC-UNTIRTA-AS-ID	ID	no
2020-09-04 09:56:47	103.142.195.252		Not listed	AS139377 IDNIC-UNTIRTA-AS-ID	ID	no
2020-09-04 02:25:07	103.31.250.36	103-31-250-36.galuhmedia.co.id	Not listed	AS58477 ARGON-AS-ID	ID	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2020-09-04 02:33:12	http://perpustekim.untirta.ac.id/api/v1/https:/...	Offline	doc emotet epoch1 heodo	Cryptolaemus1
2020-09-04 02:25:07	http://perpustekim.untirta.ac.id/api/v1/https:/...	Offline	doc emotet epoch1 heodo	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2021-05-08 18:02:13	a048251509ffd480cbead87fb1a6c34d4f2d934eef12667590b2f6749dc4c7c0	doc		Heodo
2021-05-08 16:10:18	bd915936f4ebec925c3575f9761ed6413b8f33e5a22c0b0e1fbee841f082e34d	doc		Heodo
2021-04-05 09:27:37	9d26434723b2f1533cc8285fc1de96a1dff007cb073d09da6f4cfbab29416f57	doc		Heodo
2021-03-17 23:10:32	50108a6d3dceec60be34172d0849298905389b14366205e4b9fa32157e3fa9a6	doc		Heodo
2020-09-05 07:02:28	62cc3eedb06b43f8a3e286b0a9f04cbf36fe240a532b217d91950ea20fa0ba9c	doc		Heodo
2020-09-05 06:53:06	62cc3eedb06b43f8a3e286b0a9f04cbf36fe240a532b217d91950ea20fa0ba9c	doc		Heodo
2020-09-04 23:49:29	be5a076cc07b81d54fda54ef3c56f2d60ee214c3d1fe46de3dc59a1df619dc29	doc		Heodo
2020-09-04 23:47:55	be5a076cc07b81d54fda54ef3c56f2d60ee214c3d1fe46de3dc59a1df619dc29	doc		Heodo
2020-09-04 22:35:49	50d0908dff351c8fcdfd307f4c93cad6065d4c10c2614fd4201209f862681cfd	doc		Heodo
2020-09-04 22:29:33	50d0908dff351c8fcdfd307f4c93cad6065d4c10c2614fd4201209f862681cfd	doc		Heodo
2020-09-04 15:31:27	c586e91d4d8099da78bb2b844f2da8385b3ce716069343a4020b32274c7ade39	doc		Heodo
2020-09-04 15:22:50	c586e91d4d8099da78bb2b844f2da8385b3ce716069343a4020b32274c7ade39	doc		Heodo
2020-09-04 15:17:17	088de2c93ca2a5d1c4e17cab469aa2ea619a58e4c03c744b338f74787e4dca86	doc		Heodo
2020-09-04 15:15:14	088de2c93ca2a5d1c4e17cab469aa2ea619a58e4c03c744b338f74787e4dca86	doc		Heodo
2020-09-04 07:39:08	970e16cc8aabea583a577bb3ca6a50b795357231ff02822fafb8aa7dd143667f	doc		Heodo
2020-09-04 07:26:16	970e16cc8aabea583a577bb3ca6a50b795357231ff02822fafb8aa7dd143667f	doc		Heodo
2020-09-04 03:12:42	2f40ae83dd7e6ea630b731213a7f9629565af65eca2bf9990d77114dc2b441e5	doc		Heodo
2020-09-04 03:09:30	2f40ae83dd7e6ea630b731213a7f9629565af65eca2bf9990d77114dc2b441e5	doc		Heodo
2020-09-04 03:00:03	cbf75dba4c6b4f8cbcfb647112f9a0a4f8efb293526aea73ffebcd800379e08f	doc		Heodo
2020-09-04 02:50:23	0ff718026b382be765c02b7185f73fbee59245cd282bd71f5623fe8f5e28a52f	doc		Heodo
2020-09-04 02:38:48	1fa1544383bbda2ef984f9c0a8a1e3ec9c37ede4a0e897d8177d7e92d3809ea1	doc		Heodo
2020-09-04 02:33:12	595e8a24f2e5e51e56138296f7c6cd58e709e8f532dbacc38ae66f462e0e071d	doc		Heodo
2020-09-04 02:25:06	9cf29b7fcce905e807fd1e4493af36f7f0e8618912601f1a85cf52af6d38d6b8	doc		Heodo