URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2020-08-30 19:49:34	146.0.35.70	epycserver.ctr-dragonmail.de	Not listed	AS24961 MYLOC-AS	DE	yes
2020-08-27 18:36:32	213.202.225.111	srv1438.dedi.server-hosting.expert	Not listed	AS24961 MYLOC-AS	DE	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2020-08-31 06:58:03	https://www.segway-rosenheim.de/bilder/eTrac/	Offline	doc emotet heodo	zbetcheckin
2020-08-27 18:36:32	http://www.segway-rosenheim.de/bilder/eTrac/	Offline	doc emotet epoch2 heodo	spamhaus

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2020-08-31 06:58:03	f80b4ec541f3da2d5ada150168f35f668716018ac8acd5b4e9d9bbe62b19d6d6	doc		Heodo
2020-08-28 11:35:10	f80b4ec541f3da2d5ada150168f35f668716018ac8acd5b4e9d9bbe62b19d6d6	doc		Heodo
2020-08-28 08:00:30	f35f09ee31dc9ba4c3d871882fadeeb10ed716f5a87be56e6129b111b6e5e34a	doc		Heodo
2020-08-28 07:25:31	8658e7ea7f3c4c680d6ddeecf93b59b9bfd3298d79d6f0e7a5c3d9aa1623d961	doc		Heodo
2020-08-28 07:01:07	88050d35083b23cbad8c80519f05c4c66eac22c93834338cbe483737e6b2951c	doc		Heodo
2020-08-28 06:38:24	2507d621fe85fc30dc544957a545cbf5ce274ab84800ad014786c512d4a988a9	doc		Heodo
2020-08-28 06:07:08	d08315a0a97b0c8716273b13bc52e85c717f2f90d04b0b1dbe88b33e08d90d66	doc		Heodo
2020-08-28 05:50:26	642f0b1333a6ccce34906af2c3332ee52c9580f7b91ce7e4fb658e0915b43e73	doc		Heodo
2020-08-28 05:49:54	626afa7c2b32a78e2a1fe772f4ca50f868034b791fd3c465f5836c4f67329049	doc		Heodo
2020-08-28 05:29:22	719703764819a3ae83679118e6bb21f6978fc85b753b794d004f4f45cab344d0	doc		Heodo
2020-08-28 03:56:43	d15d207c796247cb72e865fb89b2d86126c3ae9e3f7f84d6d799a5c179fee17f	doc		Heodo
2020-08-28 02:25:28	1777a62fe7df40cf57e27aeba4a8c8c50dfc4b978a2ef0e383dc2a63fd6fbf8c	doc		Heodo
2020-08-28 02:08:12	8924cd43cae04cf71c93149b8d2a6729ae28edc120bff304e833416121085341	doc		Heodo
2020-08-27 23:56:46	849e307244b485130d232a6fc0ff55cb46da7d823229add05f38b37b74139dbc	doc		Heodo
2020-08-27 23:38:56	ccac07133f39ba8959ded1de431ebf94504a7fbd3dc3ab932adbc13030533638	doc		Heodo
2020-08-27 23:23:38	5ea25ce6387f4fc4d741273dda0eefc709a68ab1fe384cffee188f091a2945fc	doc		Heodo
2020-08-27 23:07:08	6e90df31ca22290bcfbe1534826b71d5f71962a9c1841911be1bfae3fc033d39	doc		Heodo
2020-08-27 22:55:54	41944366953e90e2ac766eaabd79ffe7025801a5561368e1d9e382f9288c4d3d	doc		Heodo
2020-08-27 22:54:53	8f33d7ea4a7ba61871627527e0d0ca62bf82f56d8a40448ced4087f3654fd8de	doc		Heodo
2020-08-27 21:20:13	ea1ce5f9d12c67465b28319cf9b23a41cf938fe17878362a3a58f68bd85a9703	doc		Heodo
2020-08-27 21:03:51	bc591a14fc5b3d958ddf47dd0ab1ec96d1d8c2a5e2d3325f5f5814672df4f17d	doc		Heodo
2020-08-27 20:49:15	493671484f84dad38024d17bd7abd744b827836b03d67c3d1ae8f24e2617c29a	doc		Heodo
2020-08-27 20:35:15	aebbc22ec298ff9ceec0324b8ec99931c2ad41c220935c5baed852233de7d61f	doc		Heodo
2020-08-27 19:00:51	35da2a043122e43ce1a120246b4e1087eeb78de3d7ba0ef7cf2f33b0a7f470db	doc		Heodo
2020-08-27 18:43:17	b9e2a8c85d83c0a54743d72c3e4f2433957898eafc163f465c6b2450a30f4447	doc		Heodo
2020-08-27 18:36:32	a86cc60b85cf0dc5ce206c99179a486a81d96cad5afc105540f46e946e233aec	doc		Heodo