URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-04-28 03:34:48	195.38.165.5	hosting.satcom.kg	Not listed	AS8511 AS8511-AI	KG	yes
2022-02-08 06:52:17	195.38.168.118		Not listed	AS8511 AS8511-AI	KG	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-02-08 06:52:17	http://elm.kg/wp-admin/sZnZSz3iN/	Offline	emotet epoch4 exe heodo	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2022-02-09 07:23:14	18e3b0d902f95fb74affd0f0e203b5a7d6d8a9aa17967611b17377008b5f0c52	dll		Heodo
2022-02-09 06:45:59	3f270a045c7790d873722c023a6102dc78996d20f12190f3dccade2643af0231	dll		Heodo
2022-02-09 05:56:25	d16a46d52404ed920308e2adc7f1e19e6a6f6bd6a2147a558a925feea4c44fdc	dll		Heodo
2022-02-09 04:49:42	e1a7c1684742856232d67998247448648427be9da0ba8a2d3f2b4701b2d0a5f4	dll		Heodo
2022-02-09 04:44:40	660f99f56e79ad2133653eb5708f03f1134ab1543b7d137018e1bf4697671a81	dll		Heodo
2022-02-09 03:00:15	e57bcb918529896e2a1843d2a0dfc28778806959555fef935eeddc103b060b98	dll		Heodo
2022-02-09 01:58:26	d6bf53179ebacf00bc89a181a886275170795d6bb96f7a0273f1c3ede036d726	dll		Heodo
2022-02-09 01:37:37	dff2d695842cb4989b00b70e555b99f38a7e531f64d604737b37c2ec9a6fad0c	dll		Heodo
2022-02-09 00:34:09	9cb3b0cda875b1c6cf6ab93d533488de9c7fbc13776ff986f0d5a9bcffb78c96	dll		Heodo
2022-02-09 00:11:16	6aef4ec242aed3271c09152bdb4e3797e8a7b4d0ad32680904cf544d2f24aafc	dll		Heodo
2022-02-09 00:03:43	ed45011f39129ef959ee0cbd72bf2e8b913e4420c7b4e18ef1d8121699834c14	dll		Heodo
2022-02-08 23:40:24	9cd7c3b2804a3d0524303df68409294a332eb5339e9c8f71c5fc91631a629002	dll		Heodo
2022-02-08 22:46:36	68d1f684aa1b57ddb60c8a275e89782eba308716ad0578bdcb561e4b30aff997	dll		Heodo
2022-02-08 22:23:44	a071b4d764785231dace1db4c0c6941c53cc178ab7b9b03e680e9b95851b64e9	dll		Heodo
2022-02-08 21:12:27	f838cd9069942773d20e57004a55c26dc54d5ac1f89a694780c07caacfa9a534	dll		Heodo
2022-02-08 19:30:22	b5a505804fb8b25ac27e6406e17140095160bf6b472ed481e99595b57c1985ba	dll		Heodo
2022-02-08 19:02:50	0849f1fce358b303840936940c88aaee176313791757c85e3a2458e75d7afd6c	dll		Heodo
2022-02-08 18:04:15	62b0091f773826721732471f776cd1f5337845d126612ab94f0e834b198c1cc5	dll		Heodo
2022-02-08 17:44:37	a133dcbdd7df2adfc05bee852cb4fdc9c86ac2c9ad8fc0fd57743b9f859bdd89	dll		Heodo
2022-02-08 17:12:45	80089e2da67b114ae315ed3d57eec7b9848bed06d66607fb2a14988f429f757d	dll		Heodo
2022-02-08 15:32:35	fc20b922e2c640a8c515f38c07c81a04a72f15c8d874801ae2577c487bda5ac1	dll		Heodo
2022-02-08 15:16:17	2ce98f23620bfdf74566dce33a877f27269ea06a3662b425461e1bb85ee67400	dll		Heodo
2022-02-08 14:54:52	63aff8208ea9ac90946bcec73357cbb0a78b46bcb368711c415bb67e4233053f	dll		Heodo
2022-02-08 13:07:29	c5c8dbaa7a3db9c5487eae6ccd40861bfbc1cec16c47cd4e6b9a092b89a8cf4a	dll		Heodo
2022-02-08 12:10:00	e8e43e0523dd1049ca24a9132f94401dd7722abb5a456b2c946ec84d3b5719b7	dll		Heodo
2022-02-08 11:06:10	1c1399d5c2173fd30da9125c7d65fdb49bf7c06a877321ea2646244e40af7c06	dll		Heodo
2022-02-08 09:10:51	2e231d4ccb5de07811583fb4dc09ce078d127ecae0823d0050600b90d0e250e5	dll		Heodo
2022-02-08 09:06:18	c92dc4b2c9f4cb557250b1e5e58223d746d99b04954804cc3adf3982cc82a4be	dll		Heodo
2022-02-08 07:57:33	cd455aa422f4543ebf743838651c0a6f39ffb2970722bf450effd2325a21100c	dll		Heodo
2022-02-08 06:52:17	853f1f1b3b3eff240e3357334314d61ee1834aab94a1920ad95830a4a6c1360a	dll		Heodo