URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	gekata.ru
Domain registrar:	domenus.ru
Domain registration date:	2021-10-05 14:05:21 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2022-01-19 08:34:03 UTC
Total malware sites :	2
Online malware sites :	0 (0%)
Offline Malware sites :	2 (100%)
A record(s) observed :	4

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-04-30 04:51:50	31.31.205.163	ns1.domainparking.int.reg.ru	Not listed	AS197695 AS-REGRU	RU	yes
2022-07-10 10:19:27	45.130.41.25		Not listed	AS198610 BEGET-AS	RU	no
2022-04-26 05:06:58	91.106.207.25	m2.golf.beget.com	Not listed	AS198610 BEGET-AS	RU	no
2022-01-19 08:34:04	31.28.24.126	c16w.hoster.ru	Not listed	AS29076 CITYTELECOM-AS	RU	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-01-19 08:34:04	http://gekata.ru/designthemel/0849363886965837/...	Offline	doc emotet epoch5 heodo	Cryptolaemus1
2022-01-19 08:34:04	http://gekata.ru/designthemel/0849363886965837/	Offline	emotet epoch5 redir-doc xls	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2022-01-19 14:00:06	f402293949516548cf2d981894ff8b70d867c113c15c0c5cae972a0139ffde08	xlsm		Heodo
2022-01-19 13:43:31	f9701b36e31d43185b01940b566bbf5db0dd4b67a324f31ed892479af4bc865a	xlsm		Heodo
2022-01-19 13:32:18	7b0c31e2bebb43c3b611177b359cdc3c7ee1ec93e44b50eef4d22fcdbe208e99	xlsm		Heodo
2022-01-19 12:43:30	12096d0db788662f717f1757f957629e692fc998bb1f86844980fc0b313f17ae	xlsm		Heodo
2022-01-19 12:27:11	86126169aa0ea824a141217cdfb2b6796f7c513fe9e21559cfd3ee05f9e32e28	xlsm		Heodo
2022-01-19 12:18:45	34fbb165d1df32c51b45c90739709ffd44a7b582b0d0b508605d698a5e8ce52a	xlsm		Heodo
2022-01-19 12:03:22	e98d6968eccf3af8dac1aafeb1eff78a52251e86932c3342832fbe24ba7bb0dd	xlsm		Heodo
2022-01-19 11:43:58	8cc57e5d6c185250f46cc0076c809b750f1f60a193e80bcc8c6701621b785d62	xlsm		Heodo
2022-01-19 11:37:41	c825272b631c355875fc48e3a914397611e5c9ba65f13ceaa4cf9fd7f6d92a17	xlsm		Heodo
2022-01-19 11:24:43	14e064f7f62bcfb8f520797593104d69cef2cbb090ac4f36b871ced2daab192b	xlsm		Heodo
2022-01-19 11:00:30	aca67468ced86d88c980d851092607e06405b3109230404fb7c51c6c916f389b	xlsm		Heodo
2022-01-19 10:49:58	e12ae7f5d840134b7d6b1bbd7c5753ca44b4c70f8e18d1b21b8c9377d5a4253d	xlsm		Heodo
2022-01-19 10:38:53	0bd208787cd1e8f9a0fa2c96534f1785b655ad56534abac7b4ce3d1f2f2f062c	xlsm		Heodo
2022-01-19 10:19:43	b80bcf2ea57e2d87665f00cd07f6df0049170b65b541621ce3ed45a589d20980	xlsm		Heodo
2022-01-19 10:08:41	bedfbe47fbde08c3b2471c10061982611d471e5feae913cb7f91e63003a1a5cc	xlsm		Heodo
2022-01-19 09:53:30	a675b7d974851232b65d25e7fcd87697f9cbbd9a6bac4d21b14a1e249015d321	xlsm		Heodo
2022-01-19 09:28:54	fb52c8cd5527da88fe38a96ea9bb45772d3a2e6e317d1e6249a301ae8ef05ed5	xlsm		Heodo
2022-01-19 09:18:25	d7bb3e935a6b066a86cf79ee17a9368b1d461a76a92f9478b694f2c0275beaf7	xlsm		Heodo
2022-01-19 09:03:49	ff21e0d799e7757351192a77594d12cce77faf6ebc669816ad4bc37ded38d952	xlsm		Heodo
2022-01-19 08:46:23	fbc47a25d026a1d3aabf04c65781142ef8d17ce0071e44f5925e33a2e3f715de	xlsm		Heodo
2022-01-19 08:34:04	e48f46cd60cb0b369d14352daf83f4a07f78332ff849bf8acf3729fcfd19cd47	xlsm		Heodo
2022-01-19 08:34:04	3b5298a406eb45eb1fee1b76cd8c4014d18fa7112c81ed7e5071c4578fe1ebe1	html