URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	royalsit.com.np
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2020-10-28 12:31:03 UTC
Total malware sites :	2
Online malware sites :	0 (0%)
Offline Malware sites :	2 (100%)
A record(s) observed :	15

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-04-27 19:17:46	188.114.96.3		Not listed	AS13335 CLOUDFLARENET	n/a	yes
2025-04-27 19:17:46	188.114.97.3		Not listed	AS13335 CLOUDFLARENET	n/a	yes
2025-05-02 05:03:48	104.21.65.175		Not listed	AS13335 CLOUDFLARENET	n/a	no
2025-05-02 05:03:49	172.67.164.244		Not listed	AS13335 CLOUDFLARENET	n/a	no
2021-11-18 12:39:50	194.60.87.97	vmi1122779.contaboserver.net	Not listed	AS51167 CONTABO	FR	no
2021-04-21 16:32:06	3.0.214.97	mail.cloudlaya.net	Not listed	AS16509 AMAZON-02	SG	no
2021-03-29 13:27:23	67.202.63.70	ec2-67-202-63-70.compute-1.amazonaws.com	Not listed	AS14618 AMAZON-AES	US	no
2021-02-03 09:37:52	52.74.77.232	ec2-52-74-77-232.ap-southeast-1.compute.amazonaws.com	Not listed	AS16509 AMAZON-02	SG	no
2021-02-04 18:54:32	162.214.156.4	cloud.servers800.com	Not listed	AS46606 UNIFIEDLAYER-AS-1	US	no
2020-11-04 03:40:29	54.251.210.131	ec2-54-251-210-131.ap-southeast-1.compute.amazonaws.com	Not listed	AS16509 AMAZON-02	SG	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2020-10-28 17:51:05	http://royalsit.com.np/css/docs/210424537778139...	Offline	doc emotet epoch3 heodo	Cryptolaemus1
2020-10-28 12:31:06	https://royalsit.com.np/css/docs/21042453777813...	Offline	doc emotet epoch3 heodo	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2020-10-28 17:51:05	913ad0deee7db9012293779fa15d6491806e2ea0d1935f45991a652ec1b76d4e	doc	Heodo
2020-10-28 13:07:37	913ad0deee7db9012293779fa15d6491806e2ea0d1935f45991a652ec1b76d4e	doc	Heodo
2020-10-28 12:38:16	0139fb5de658c6d87c219098461614781b790461bb4d2f6fda39ecb9f80855b5	doc	Heodo
2020-10-28 12:31:06	fe2ce73236c9a0ee51f755cbc9e5d0e07708c2635d8aa4d59dcb231ed7b71306	doc	Heodo