URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (when the malware URL is hosted directly on an IP address and doesn't use a domain name).

Database Entry


Host: ghesatmienbac.com
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Control D HaGeZi: Not blocked
Firstseen: 2020-10-22 02:42:04 UTC
Total malware sites: 1
A record(s) observed: 5

IP addresses


The table below shows all IP addresses observed for this particular host (if the host is a domain name, all A records are listed, including all historical ones). Please note that the output is limited to 10 entries.

| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
| --- | --- | --- | --- | --- | --- | --- |
| 2025-05-09 19:44:43 | 72.52.178.23 | lb01.parklogic.com | Not listed | AS32244 LIQUIDWEB | US | no |
| 2025-04-27 11:18:45 | 34.254.1.203 | ec2-34-254-1-203.eu-west-1.compute.amazonaws.com | Not listed | AS16509 AMAZON-02 | IE | no |
| 2020-12-24 07:54:09 | 125.212.243.126 | | Not listed | AS7552 VIETEL-AS-AP | VN | no |
| 2020-10-22 02:42:07 | 112.213.89.168 | pajero.dotvndns.com | Not listed | AS45544 SUPERDATA-AS-VN | VN | no |
| 2020-10-24 02:01:24 | 112.213.91.61 | mx9161.superdata.vn | Not listed | AS45544 SUPERDATA-AS-VN | VN | no |

Malware URLs


The table below shows all malware URLs that are associated with this particular host.

| Dateadded (UTC) | URL | Status | Tags | Reporter |
| --- | --- | --- | --- | --- |
| 2020-10-22 02:42:07 | https://ghesatmienbac.com/wp-includes/LLC/ | Offline | doc emotet ext epoch2 heodo ext | Cryptolaemus1 |

The table below shows recent payloads delivered by this host.
