URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name). This page shows all malware URLs that are associated with the host www.norsterra.cn.

Database Entry


Host:www.norsterra.cn
Spamhaus DBL:Not listed
SURBL:Not listed
Firstseen:2018-07-01 18:11:02 UTC

IP addresses


The table below shows all IP address obsered for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones).

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2019-04-12 06:30:51111.230.34.41Not listedAS45090 CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited- CNyes
2018-07-01 18:11:07203.195.212.211Not listedAS45090 CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited- CNno

Malware URLs


The table below shows all malware URLs that are associated with this particulare host.

Dateadded (UTC)URLStatusTagsGSBReporter
2019-01-25 21:48:02https://www.norsterra.cn/pExV-1g5_PTWUzf-1C/153922/Survey...Offlinedoc emotet epoch2 heodo Clean@Cryptolaemus1
2019-01-23 21:32:16https://www.norsterra.cn/kwhts-4y_BLft-df/Ref/052883920US...Offlinedoc emotet epoch2 heodo Clean@Cryptolaemus1
2018-07-01 18:11:07https://www.norsterra.cn/EsD2/Offlineemotet heodo Clean@p5yb34m