URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2025-04-27 11:30:35 | 192.99.24.195 | ip195.ip-192-99-24.net | Not listed | AS16276 OVH |  CA | yes |
| 2020-08-10 14:11:04 | 198.50.96.77 | Not listed | AS32613 IWEB-AS | CA | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2020-08-10 14:11:04 | http://segam.com/tmp/dzzy8mfkrrg/ | Offline | doc emotet  epoch2 heodo |  spamhaus |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2020-08-10 16:18:47 | 5bda6a8a7a7265b29e8db19103395da39b962063d9cadaa193a0a1bcfda16fc5 | doc | Heodo | |
| 2020-08-10 16:03:59 | 722ed869e6d0e77b2dd1f33a633d66af3bf400a01989bb3ee4e6ff70d7b2ee53 | doc | Heodo | |
| 2020-08-10 15:48:49 | 61cadcc29ae12860c7578786904175024456e8d744d146f0e4a395a74250461a | doc | Heodo | |
| 2020-08-10 15:34:19 | 2f1c1797aad2e944e5064a10670e8feb3bcbd2ff85bb0c3cd9a3a16efa130426 | doc | Heodo | |
| 2020-08-10 15:12:39 | c82cbe522924e150ea3b677117518f7b51d4a6c084200611e1c73c35790bbfa8 | doc | Heodo | |
| 2020-08-10 14:53:09 | 365d24b51aae43c58665a5fca72115289aa276c62ddca2554fd016ac299ec917 | doc | Heodo | |
| 2020-08-10 14:33:37 | f4a3bd5e626d53658fca1aff6371dde7f7537270eb24c5532e6a1162c7527479 | doc | Heodo | |
| 2020-08-10 14:11:04 | 3e0298eca07e8d6c247fd44c9899c337ede7ecdeaf7952a80f9c1f3ac408d8d1 | doc | Heodo |