URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry


Host: demo11.qatgroup.co.za
Domain registrar: 1API -
Domain registration date: 2020-02-28 20:15:05 UTC
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Control D HaGeZi: Not blocked
Firstseen: 2022-01-18 22:22:03 UTC
Total malware sites: 4
Online malware sites: 0 (0%)
Offline malware sites: 4 (100%)
A record(s) observed: 5

IP addresses


The table below shows all IP addresses observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entries.

Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active?
2025-10-30 06:17:18 | 185.53.178.99 |  | Not listed | AS61969 TEAMINTERNET-AS | DE | yes
2023-01-16 10:12:11 | 185.53.178.50 |  | Not listed | AS61969 TEAMINTERNET-AS | DE | no
2022-03-30 21:31:02 | 99.83.248.67 | ad9042477ef37f5d8.awsglobalaccelerator.com | Not listed | AS16509 AMAZON-02 | US | no
2022-01-20 20:40:40 | 172.104.12.128 | s433.nyc7.mysecurecloudhost.com | Not listed | AS63949 AKAMAI-LINODE-AP | US | no
2022-01-18 22:22:05 | 134.122.28.59 | db-mongodb-nyc1-bfv-1ff9bbca.mongo.ondigitalocean.com | Not listed | AS14061 DIGITALOCEAN-ASN | US | no

Malware URLs


The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC) | URL | Status | Tags | Reporter
2022-01-19 23:02:06 | http://demo11.qatgroup.co.za/wp-content/lBPbcEW... | Offline | emotet ext epoch4 redir-doc | Cryptolaemus1
2022-01-19 23:02:06 | http://demo11.qatgroup.co.za/wp-content/lBPbcEW... | Offline | doc emotet ext epoch4 heodo ext SilentBuilder | Cryptolaemus1
2022-01-18 22:22:05 | http://demo11.qatgroup.co.za/wp-content/NQZ_46939/ | Offline | emotet ext epoch5 redir-doc xls | Cryptolaemus1
2022-01-18 22:22:05 | http://demo11.qatgroup.co.za/wp-content/NQZ_469... | Offline | doc emotet ext epoch5 heodo ext | Cryptolaemus1

The table below shows recent payloads delivered by this host.
