URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry


Host: abovethemezzanine.com
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Control D HaGeZi: Not blocked
Firstseen: 2020-08-06 07:50:34 UTC
Total malware sites: 1
A record(s) observed: 2

IP addresses


The table below shows all IP addresses observed for this particular host (in case the host is a domain name, all A records will be listed, including all historical ones). Please note that the output is limited to 10 entries.

Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active?
2025-04-27 10:30:10 | 69.194.228.227 | alpha.unisonplatform.com | Not listed | AS33494 IHNET- | US | yes
2020-08-06 07:50:36 | 174.136.63.124 | kilo.unisonplatform.com | Not listed | AS33494 IHNET- | US | no

Malware URLs


The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC) | URL | Status | Tags | Reporter
2020-08-06 07:50:36 | http://abovethemezzanine.com/cgi-bin/docs/a5s9j... | Offline | doc, emotet, epoch2, heodo, Quakbot | spamhaus

The table below shows recent payloads delivered by this host.
