URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: gaanda.com
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Control D HaGeZi :Not blocked
Firstseen:2020-09-29 18:12:33 UTC
Total malware sites :1
A record(s) observed :8

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2025-04-29 23:52:21 52.20.84.62ec2-52-20-84-62.compute-1.amazonaws.comNot listedAS14618 AMAZON-AES- USyes
2021-02-17 21:14:45 44.227.65.245ec2-44-227-65-245.us-west-2.compute.amazonaws.comNot listedAS16509 AMAZON-02- USno
2021-02-15 02:05:44 44.227.76.166ec2-44-227-76-166.us-west-2.compute.amazonaws.comNot listedAS16509 AMAZON-02- USno
2020-11-02 16:19:30 192.34.59.243Not listedAS14061 DIGITALOCEAN-ASN- USno
2021-02-08 03:23:42 62.138.3.208mx1.cem.bgNot listedAS29066 VELIANET-AS- FRno
2021-01-27 21:51:47 85.93.91.100malta2861.startdedicated.comNot listedAS29066 VELIANET-AS- FRno
2020-11-03 07:37:10 208.110.82.122ironman.ruu.cloudNot listedAS32097 WII- USno
2020-09-29 18:12:34 204.12.192.246cringed.arvatione.onlineNot listedAS32097 WII- USno

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2020-09-29 18:12:34https://gaanda.com/wp-includes/OCT/4f79WRMKbVWJ...Offlinedoc emotet ext epoch1 heodo ext Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2020-10-01 05:19:21bca937c5b07cf43a6469fae63640f655c5bbdacff9c671b53965974a5203c262docHeodo
2020-10-01 04:30:24b2af72414cca6a559fbc5e9254b6080ce9d292ef4b2a37d8973118f7fffca277docHeodo
2020-09-30 13:05:3190de4105fc91aa76e474d5d94fe9fd26b8d6983986653c2d8592f39376ba5652docHeodo
2020-09-30 12:53:18f6ed8a2b25a6f8f693aa0aa17e1a77c02888113452cbbb4efae319131fd375ffdocHeodo
2020-09-30 12:33:242fbc53c50b9b33c49311e11a41aa64660b305c9c7d4a4db3986c59a1a77696a8docHeodo
2020-09-30 12:04:346332f6b0886bc926911339247b72278894fc0667a705e120fa356efd3691962bdocHeodo
2020-09-30 11:35:2930a7ad680eae9fb430a78853e35fd6cb80bdae54566ed12b89279174f8a26f7fdocHeodo
2020-09-30 11:27:51ce1d7fe9a715dbd5b408b17ff12010a67d3d1d002a9484370931304e35254f12docHeodo
2020-09-30 10:54:022bc311aff7d90ac42c818d1850c8eff0fca326e6c334899f8041c63a59753465docHeodo
2020-09-30 10:36:20fce9dd88327154889e459164ac4d29d0063315340b5ffd9690868ad5e46c352fdocHeodo
2020-09-30 09:36:455dc39fed6361864ebfcfe504125bbc05e085ad4f1fb6c92a3367bcad83b695cbdocHeodo
2020-09-30 08:38:554c25015ae6e259e42564c6b03066111433ae12f8488364a45ab1e6680d708350docHeodo
2020-09-30 08:16:5125b7f727f0f1e44dc0b90a12f28264418053fc308ea16c0050ae887a1db7d5abdocHeodo
2020-09-30 08:03:44ae08f6ca3d49c7a6f89007400a01827f8fa1e32ea4d88e4e38ff705f70c810ffdocHeodo
2020-09-30 07:56:16a3f7b976b0c108284bf0de59187798f84d509ad7182c92761cedbb9b35ba4a3ddocHeodo
2020-09-30 07:34:59848472a593e725755e8a0b52a61189cab28bedfa9f8d62a7a528790838e7d9acdocHeodo
2020-09-30 07:16:07e750318c6f5ae04efc1b912fd250a9bdf7c83ce3289a31f303d03bc0e9e4b11cdocHeodo
2020-09-30 06:49:12464e4eb4c4d1fe1f13e2d9a96e6ebbb73ccc5f8dc2bd333a286f1e07d85899b8docHeodo
2020-09-30 06:37:52e4c0e12e6e90cabe22fab698bc2684a13e9719668942b682bfaa1ea0bd3336a4docHeodo
2020-09-30 06:12:494b795f3870e608b6c61e4a7757d87deb5525949aadeb15393e2b83cb4b34e618docHeodo
2020-09-30 05:47:456203971a2e4b246318cba558f864664aacc3cc5dae07aa3b8ce1fa6fb17d590ddocHeodo
2020-09-30 05:33:043bdee9fdd814363fa073be396eda19d9242d4bfd82702110dff7564d61ef4a8edocHeodo
2020-09-30 05:02:37869911e995bc11a3a2e87a02de6611b59d26ddd5b21c6c77e72f327620f526c2docHeodo
2020-09-30 04:43:10b91cb11be0bd9f80cec08a069751a27ef60de586e87e2ba9f8d2a4dc266f879fdocHeodo
2020-09-30 04:26:3189512a4396d991ea5a6384037a7418d9f30bfe1d444f2fbef7a0c0b5f2f421d4docHeodo
2020-09-30 03:51:456dcb7e9d3ef574e032cf8d4f7da8e1ddefaea58991677a7e53be13723839e09ddocHeodo
2020-09-30 03:32:02c5fb0bf46e7abc0dc192a51dc5e8c8f05df4c91bd08dc53d536cd4ffbf09f89ddocHeodo
2020-09-30 03:15:29d21a659e131509501f27e12765fa2f8ea25eeed319cd31587ba7457738e3f06cdocHeodo
2020-09-30 02:47:0867d283b362bfdbb0db8f7a103bd5c1c3c7fadbb22b0cccc5b0cea1b48d1bcd16docHeodo
2020-09-30 02:28:073e16472eff5bf2937b0f1833264ef998b9f6339e36a135499b25cfa8e794b33cdocHeodo
2020-09-30 01:53:24329d9911d2004877126f938ba6875d9f348d33b31e1ccd880a2a62adb461d1a9docHeodo
2020-09-30 01:36:301b7ae75c0843e24188c16e98283ae53b2d5d441a3149a30eae0eda9db7781220docHeodo
2020-09-30 01:08:5907f05248ebd561f95c8b5988fddd0396c6d3c0a61015e3cf154e1e97f2af015adocHeodo
2020-09-30 00:47:5610f4a118d75e59c1f0ae83e7e44c9553fd6925a4bcf21a4cb62559c38c550147docHeodo
2020-09-30 00:29:299d6a2742e7b189220132964cb3ecc21eb2bf93bf90143787ab21937cbb1b2e5fdocHeodo
2020-09-30 00:08:181d5392f655dcdc6f812366e57505b4f345c53a8c5ede33a7f7b9d6e05c3deaefdocHeodo
2020-09-29 23:54:4198c87f2f2e124f5e8444896304f556a844430d6543223343abc894702abf99e3docHeodo
2020-09-29 23:36:349a24d61f24a1211065b986def505c02b66a94f2b1cbde8fc6ef868391c24d4f3docHeodo
2020-09-29 23:16:591d742e585ed7b4c237726a945da11795c46da01716e9da561d98fff100ee938fdocHeodo
2020-09-29 22:56:0208c3a51969b9ccfcd46ad14ef1a7599a798c21e693a582ac6d8f449f77f4fc09docHeodo
2020-09-29 22:30:4132a76ed8013dd82d6e6063013236d7fb37bb205dbd6ff84ab785e5af12e6b3f0doc Heodo
2020-09-29 22:08:29004d7159e2360d1569de7849fbd5ffa3e63968d011834c565255ade18fcd54cbdocHeodo
2020-09-29 18:58:1832049385466cefdb6902bff7a1c1c93274f20eb51842f1dc68a84e5de14716d1docHeodo
2020-09-29 18:37:10275a46a9c86fcb536d7dee38a273fadc27066204b68ef852423568f9f925ae81doc Heodo
2020-09-29 18:12:34f363539a468889742abe35748f7f351c58d42294cf01ec320abf7642d5bed79bdocHeodo