URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2025-04-27 15:33:43 | 104.21.61.233 | Not listed | AS13335 CLOUDFLARENET | n/a | yes | |
| 2025-04-27 15:33:43 | 172.67.216.14 | Not listed | AS13335 CLOUDFLARENET | n/a | yes | |
| 2021-12-13 17:13:32 | 162.0.210.54 | srv7.wp-techsupport.com | Not listed | AS22612 NAMECHEAP-NET |  US | no |
| 2021-12-07 14:28:20 | 52.3.173.204 | ec2-52-3-173-204.compute-1.amazonaws.com | Not listed | AS14618 AMAZON-AES | US | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2021-12-09 07:08:09 | https://www.techventuras.com/pkg/vptw8uazVsxGmbn7/ | Offline | emotet  epoch4 redir-doc |  waga_tw |
| 2021-12-08 19:41:08 | https://www.techventuras.com/pkg/Ka7P5SJRG/ | Offline | doc emotet epoch4 heodo | waga_tw |
| 2021-12-07 14:28:20 | https://www.techventuras.com/pkg/tYw4IcfUk4SJzf7/ | Offline | emotet epoch4 redir-appinstaller | sugimu_sec |
The table below shows recent payloads delivery by this host.