URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-04-27 13:51:09	177.234.150.42	h59.servidorhh.com	Not listed	AS53055 DIMENOC_SERVICOS_DE_INFORMATICA_LTDA	BR	yes

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2020-09-03 17:34:34	http://tecmicromg.com.br/templates/balance/vzmq...	Offline	doc emotet epoch2 heodo	spamhaus

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2020-09-03 19:35:29	f50133085cf408fa42e3568d8466e35d6ae2ceffb26ec78fc25041eb5e5d7c93	doc		Heodo
2020-09-03 19:18:02	fbede719be1983fff9ca06d29412edfcfbac49c78901582ccf686c3f3e50e2c5	doc		Heodo
2020-09-03 19:10:10	d7dccaf606ccac241264d06440a58415ea545b955e3e2538954c3ab166c541c3	doc		Heodo
2020-09-03 18:56:01	c1924a497d65fe1edfe3f41fa1f0010c8b39633a80994803811dba21f11e934b	doc		Heodo
2020-09-03 18:40:23	5861ffbfd99c2436cd216d199a0e6e8017a643cb62bd4eafedaada809b02f759	doc		Heodo
2020-09-03 18:18:22	45df584b759aeebac31b1c7dae71ed74a5711867e836b62aabfdfcf73e94d5fa	doc		Heodo
2020-09-03 18:13:54	03d9aeb5a4238c8cf02bf8908fb5eefc7f88cfd9effa918ef5d9dc66a2d8e59a	doc		Heodo
2020-09-03 17:50:52	70d8f24daa7b00f5210bbb7109a7b9975a0ad05c280d207f3504d82411c1bd83	doc		Heodo
2020-09-03 17:34:33	65a803b10719f7420467e6a66a5dbe9f9dea0a8dada387e1022e3e3c8340f750	doc		Heodo