URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	demo.ibig.vn
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2022-01-11 19:22:04 UTC
Total malware sites :	2
Online malware sites :	0 (0%)
Offline Malware sites :	2 (100%)
A record(s) observed :	5

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	SBL	ASN	Country	Active?
2025-06-05 19:22:29	45.252.249.24	Not listed	AS63760 AZDIGI-AS-VN	VN	yes
2023-02-26 10:44:11	103.221.220.15	Not listed	AS63760 AZDIGI-AS-VN	VN	no
2022-04-13 08:04:42	171.244.8.170	Not listed	AS38731 VTDC-AS-VN	VN	no
2022-03-26 16:52:37	103.104.118.176	Not listed	AS63765 HOSTVN-VN	VN	no
2022-01-11 19:22:06	165.22.61.59	Not listed	AS14061 DIGITALOCEAN-ASN	SG	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-01-11 19:22:06	http://demo.ibig.vn/cgi-bin/69794017GOEZTTKWRH_...	Offline	doc emotet epoch5 heodo	Cryptolaemus1
2022-01-11 19:22:06	http://demo.ibig.vn/cgi-bin/69794017GOEZTTKWRH_...	Offline	emotet epoch5 redir-doc xls	waga_tw

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2022-01-12 01:26:51	663ca3b8545e4e02572b5d348a1f77c7ef30d1810e8adbe25dd699b2cfb1792f	xlsm	Heodo
2022-01-12 01:06:39	c95bf0dd160b7a12ab600aee9220e652b1b1cc3b006f264c324a0c0a9d5aa257	xlsm	Heodo
2022-01-12 00:37:38	978af74bf15d2a91d89790b36c10deb099346510e755e8915883f43401b3fe10	xlsm	Heodo
2022-01-12 00:10:56	947dc8d6c337a63466168a9efb2e42e692fad8da89af9c4c295fcd174a89c979	xlsm	Heodo
2022-01-11 23:48:26	1b8fafe40bc98e1d41a794e824ab4ca505634fe25fdea8a3e560be3938ba1b58	xlsm	Heodo
2022-01-11 23:21:23	427080f3d4da3ec0746fc297c0a922b5212a53ae04504f5efd17ff4f9208c662	xlsm	Heodo
2022-01-11 23:11:52	6ec9e504112744f9f07ce60fb9315cdcd427d27a16c248fbe9746477bfc851af	xlsm	Heodo
2022-01-11 22:44:07	dd14be16e01e5fe53b7cf8199af830a979dbbbc33593606f3b25d7ea3b32697c	xlsm	Heodo
2022-01-11 22:14:30	b8662d7aff6b2489b65fd6ddc022a5a87c6adb0e1ed1f0286ccd80c0bc11471f	xlsm	Heodo
2022-01-11 21:39:04	20be5590c08561d3a5be97621400daf8528533950a589089a00a259da40668d8	xlsm	Heodo
2022-01-11 21:24:58	71da6e57fe5adfa0b06f8ba9525e6db95e7c25246179fa8563561d24e79e6c65	xlsm	Heodo
2022-01-11 21:04:51	c4bc03a927a72a21be0b15c8c55124264c456a940a325d8071f5cbcb7032f1c8	xlsm	Heodo
2022-01-11 20:49:20	c2cb81db208398e070c47e7d03e76709142dec85ddaa985883536283a0acbb14	xlsm	Heodo
2022-01-11 20:23:44	79a935edd516953713a4d4565e5dfcbbb08f17b9633f31d84e0e042a5de4c178	xlsm	Heodo
2022-01-11 20:07:01	270cb830f364c3927df68940e7fc558934d424996c1599fbcc9b95fde938f041	xlsm	Heodo
2022-01-11 19:38:15	95761ae4efbb60ee498b7d56d6c84e48753a21ab59a655f5439b47167baf6ea2	xlsm	Heodo
2022-01-11 19:22:06	c7361097a3fd04904faaab145a9e15e79e0a3f772aa9f0e374e8ecb7e2bca145	xlsm	Heodo
2022-01-11 19:22:06	31c59d0e7743edec80628aebea7f23f13a0e5b003af317f1eeb8fdafecb0db2d	html