URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry


Host: gzesa.net
Domain registrar: Xin Net -
Domain registration date: 2019-08-27 02:53:54 UTC
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Control D HaGeZi: Not blocked
Firstseen: 2021-11-30 21:57:08 UTC
Total malware sites: 16
Online malware sites: 0 (0%)
Offline malware sites: 16 (100%)
A record(s) observed: 2

IP addresses


The table below shows all IP addresses observed for this particular host (in case the host is a domain name, all A records will be listed, including all historical ones). Please note that the output is limited to 10 entries.

Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active?
2022-03-15 09:09:26 | 106.53.80.166 | | Not listed | AS45090 TENCENT-NET-AP- | CN | yes
2021-11-30 21:57:10 | 139.199.80.238 | | Not listed | AS45090 TENCENT-NET-AP- | CN | no

Malware URLs


The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC) | URL | Status | Tags | Reporter
2022-01-20 20:30:16 | http://gzesa.net/wp-includes/ID3/EhsyJ2N/?i=1 | Offline | doc emotet ext epoch4 heodo ext SilentBuilder | Cryptolaemus1
2022-01-20 20:30:05 | http://gzesa.net/wp-includes/ID3/EhsyJ2N/ | Offline | emotet ext epoch4 redir-doc xls | Cryptolaemus1
2022-01-17 21:33:05 | http://gzesa.net/wp-includes/ID3/KW-4932/ | Offline | emotet ext epoch5 redir-doc xls | waga_tw
2022-01-17 21:33:05 | http://gzesa.net/wp-includes/ID3/KW-4932/?i=1 | Offline | doc emotet ext epoch5 heodo ext | Cryptolaemus1
2022-01-14 01:24:05 | http://gzesa.net/wp-includes/ID3/OJ51/ | Offline | emotet ext epoch5 redir-doc | Cryptolaemus1
2022-01-14 01:24:05 | http://gzesa.net/wp-includes/ID3/OJ51/?i=1 | Offline | doc emotet ext epoch5 heodo ext | Cryptolaemus1
2022-01-12 04:00:11 | http://gzesa.net/wp-includes/ID3/2133563-04/ | Offline | emotet ext epoch5 redir-doc xls | waga_tw
2022-01-12 04:00:10 | http://gzesa.net/wp-includes/ID3/2133563-04/?i=1 | Offline | doc emotet ext epoch5 heodo ext | Cryptolaemus1
2021-12-24 06:01:10 | http://gzesa.net/wp-includes/ID3/0ebN49GoEsK/ | Offline | emotet ext epoch4 redir-doc xls | waga_tw
2021-12-08 07:31:21 | http://gzesa.net/wp-includes/ID3/1h78Vjf/ | Offline | dll emotet ext epoch5 heodo ext | sugimu_sec
2021-12-04 01:50:07 | http://gzesa.net/wp-includes/ID3/vkqUQknP1Efohc/ | Offline | doc emotet ext epoch4 heodo ext | Cryptolaemus1
2021-12-01 09:39:09 | http://gzesa.net/wp-includes/ID3/31P9pZ/ | Offline | emotet ext epoch4 redir-appinstaller | sugimu_sec
2021-12-01 07:28:17 | http://gzesa.net/wp-includes/ID3/hC2c/ | Offline | emotet ext epoch4 redir-appinstaller | sugimu_sec
2021-12-01 05:24:10 | http://gzesa.net/wp-includes/ID3/HrUt1vISyzc/ | Offline | emotet ext epoch4 redir-appinstaller | Cryptolaemus1
2021-12-01 01:53:09 | http://gzesa.net/wp-includes/ID3/hC2c | Offline | emotet ext epoch4 redir-appinstaller | waga_tw
2021-11-30 21:57:10 | http://gzesa.net/wp-includes/ID3/HrUt1vISyzc | Offline | emotet ext epoch4 redir-appinstaller | waga_tw

The table below shows recent payloads delivered by this host.
