URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2025-10-04 12:14:39 | 47.76.127.217 | Not listed | AS45102 ALIBABA-CN-NET |  HK | no | |
| 2025-10-04 12:14:39 | 47.91.170.222 | Not listed | AS45102 ALIBABA-CN-NET | HK | no | |
| 2025-10-04 12:14:39 | 8.218.208.240 | Not listed | AS45102 ALIBABA-CN-NET | HK | no | |
| 2025-04-27 23:33:11 | 188.114.96.3 | Not listed | AS13335 CLOUDFLARENET | n/a | no | |
| 2025-04-27 23:33:11 | 188.114.97.3 | Not listed | AS13335 CLOUDFLARENET | n/a | no | |
| 2025-05-26 00:33:44 | 104.21.59.218 | Not listed | AS13335 CLOUDFLARENET | n/a | no | |
| 2025-05-26 00:33:44 | 172.67.184.147 | Not listed | AS13335 CLOUDFLARENET | n/a | no | |
| 2020-08-24 09:27:22 | 172.83.154.35 | Not listed | AS201106 SPARTANHOST |  US | no | |
| 2020-07-21 19:27:42 | 47.57.91.108 | Not listed | AS45102 ALIBABA-CN-NET | HK | no | |
| 2020-07-22 07:05:04 | 38.143.3.254 | Not listed | AS174 COGENT-174 | US | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2020-07-21 19:27:42 | http://www.cliplus.cn/keys/open_box/external_HX... | Offline | doc emotet  epoch1 heodo |  Cryptolaemus1 |
The table below shows recent payloads delivery by this host.