URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2025-04-27 22:36:36 | 88.218.117.30 | s-vps-il-619.upress.io | Not listed | AS209622 upress-drb |  IL | yes |
| 2021-01-14 00:39:45 | 104.21.10.53 | Not listed | AS13335 CLOUDFLARENET | n/a | no | |
| 2020-12-29 21:44:05 | 172.67.131.61 | Not listed | AS13335 CLOUDFLARENET | n/a | no | |
| 2020-12-29 21:44:05 | 104.28.10.52 | Not listed | AS13335 CLOUDFLARENET |  GB | no | |
| 2020-12-29 21:44:04 | 104.28.11.52 | Not listed | AS13335 CLOUDFLARENET |  JE | no | |
| 2020-10-14 15:45:07 | 209.182.238.215 | Not listed | AS29802 HVC-AS |  DE | no | |
| 2020-09-14 13:12:05 | 185.106.128.132 | coca.co.il | Not listed | AS44709 CLOUDWEBMANAGE-IL | IL | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2020-09-14 13:12:05 | https://scootair.co.il/agm/http://sites/pxempVa... | Offline | doc emotet  epoch1 heodo |  Cryptolaemus1 |
The table below shows recent payloads delivery by this host.