URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	gilbt.nazwa.pl
Domain registrar:	nazwa.pl
Domain registration date:	1999-12-24 00:00:00 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2022-03-30 18:12:03 UTC
Total malware sites :	2
Online malware sites :	0 (0%)
Offline Malware sites :	2 (100%)
A record(s) observed :	1

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2022-03-30 18:12:04	85.128.248.247	shared-aom247.rev.nazwa.pl	Not listed	AS15967 NETARTGROUP	PL	yes

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-03-30 18:12:04	http://gilbt.nazwa.pl/wp-includes/3yD2w2TfNmkAn...	Offline	emotet epoch4 heodo redir-doc SilentBuilder xls	Cryptolaemus1
2022-03-30 18:12:04	http://gilbt.nazwa.pl/wp-includes/3yD2w2TfNmkAn...	Offline	doc emotet epoch4 heodo SilentBuilder	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2022-03-31 02:49:21	41a73a914406df97e2944f7742f48272bab7d25486c9c2a5084a7f158fdb2aaf	xlsm		Heodo
2022-03-31 02:09:58	4409b097292f1ed1adedbae38fcecf71370a64209f9bb5ffff019b71e8a88533	xlsm		Heodo
2022-03-31 01:59:06	00ea616ce33ef49268a2d6046f588bb73c80b7a90ae6e5e5067938d72e858564	xlsm		Heodo
2022-03-31 01:37:30	6ba49c8a1bc5dddfc74a33d1c6f53df15e682043f2e3e66963ef4577191206cd	xlsm		Heodo
2022-03-31 01:29:28	764d8e72174b0666952016caf95096e85219dba6554a8ce6db74b8244b3e7590	xlsm		Heodo
2022-03-31 00:41:41	93e06d8850641586fe31c662da490f8ff442f4f86021f50799e1174dcace1f72	xlsm		Heodo
2022-03-31 00:23:32	5c682f8054f1b9bb175d9a5784b8fd5bc06364ddf2b802d9aa5fa0abe6cb3a33	xlsm		Heodo
2022-03-30 23:02:39	39bbb570609ea300f9d959dcf23f2161043c6dedc230f97e7eab2388db651831	xlsm		Heodo
2022-03-30 22:33:16	533372e6130ad44ced6eae30ab3af8be4ae172cc7585719b61074bb861f2dbbe	xlsm		Heodo
2022-03-30 22:10:35	42c504a0fee5cb3e3033b4f6d596ce78f3f3c1118dc4cdfddf0b54715c66117c	xlsm		Heodo
2022-03-30 21:52:49	93629f0e94046fc0c1c1a2779a8e58d101136842695fc4ad3addbde6c7757dcd	xlsm		Heodo
2022-03-30 21:27:04	f3101b6d16751623f8a025bfbf75ae9a32c68b534dccbab4452ee72a9fbe0f5f	xls		SilentBuilder
2022-03-30 20:52:18	bc3aadb828bf8f9442d01bb0a1d6b11b7633b19d2d0f8dc6711897611c0a5c3d	xls		SilentBuilder
2022-03-30 20:48:29	dd89ded2be5b0a176d6a4d7e4d75f19fd83294a5b0a6da3fcaf12119bbf6f6f2	xls		SilentBuilder
2022-03-30 20:14:37	9adde116bf0bac725d59a9758fe3135672fcf8e2a7d30d3ae41d6df39452d54a	xls		SilentBuilder
2022-03-30 20:03:49	7324fd5254825996acb024055b8f85c89b19897ef327543836bad401b074d0b6	xls		SilentBuilder
2022-03-30 19:10:55	fa9ff98be2b2014f3459f9e24865c2c062491b891fcf51b2a6b03e208256305c	xls		SilentBuilder
2022-03-30 18:12:04	a1043d987d910e34281c2a6f7280438e68ce6e5b3a58a35e9d60ebbe8ed97c9f	xls		SilentBuilder
2022-03-30 18:12:04	1cb9c19a44751b4f729e5c7ba1ca178b7f6846620076e8ddf985cd2ffeeadb30	html