URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	ingridkaslik.com
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2018-04-24 19:34:01 UTC
Total malware sites :	43
Online malware sites :	0 (0%)
Offline Malware sites :	43 (100%)
A record(s) observed :	3

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-04-27 08:13:27	52.40.237.158	ec2-52-40-237-158.us-west-2.compute.amazonaws.com	Not listed	AS16509 AMAZON-02	US	yes
2018-12-24 05:52:16	66.152.183.26	server.bludomain31.com	Not listed	AS16509 AMAZON-02	US	no
2018-04-24 19:34:02	104.145.227.111	server.bludomain31.com	Not listed	AS40676 AS40676	US	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2019-04-12 19:23:11	http://ingridkaslik.com/ingrid/XOGc-lGnVHk7BBdI...	Offline	doc emotet epoch1 heodo	Cryptolaemus1
2018-11-19 19:50:32	http://ingridkaslik.com/PAYMENT/IPXS50602953MOV...	Offline	emotet heodo	cocaman
2018-11-05 20:40:09	http://ingridkaslik.com/0597864MMOLPXNP/identit...	Offline	doc emotet heodo	unixronin
2018-11-05 18:26:03	http://ingridkaslik.com/0597864MMOLPXNP/identit...	Offline	doc emotet epoch2 heodo	Cryptolaemus1
2018-09-27 14:36:26	http://ingridkaslik.com/En_us/Clients/09_18	Offline	doc emotet heodo	unixronin
2018-09-26 05:07:51	http://ingridkaslik.com/INFO/En/Inv-59429-PO-1R...	Offline	doc emotet heodo	j00dan
2018-09-22 17:24:04	http://ingridkaslik.com/ACCOUNT/Past-Due-invoice	Offline	doc heodo	zbetcheckin
2018-09-14 05:01:50	http://ingridkaslik.com/48NJTKNT/SEP/Commercial/	Offline	doc emotet epoch2 heodo	Cryptolaemus1
2018-09-13 10:31:12	http://ingridkaslik.com/48NJTKNT/SEP/Commercial	Offline	doc emotet heodo	unixronin
2018-09-11 05:07:11	http://ingridkaslik.com/DOC/En_us/Past-Due-Invo...	Offline	doc emotet epoch2 heodo	Cryptolaemus1
2018-09-10 14:29:07	http://ingridkaslik.com/Vz6UYhGl/	Offline	exe heodo	zbetcheckin
2018-09-10 11:25:14	http://ingridkaslik.com/Vz6UYhGl	Offline	emotet exe heodo	ps66uk
2018-09-07 14:57:40	http://ingridkaslik.com/DOC/En_us/Past-Due-Invo...	Offline	doc emotet heodo	unixronin
2018-09-05 13:44:04	http://ingridkaslik.com/payment/	Offline	doc heodo	zbetcheckin
2018-09-05 12:40:08	http://ingridkaslik.com/payment	Offline	doc emotet heodo	unixronin
2018-09-05 03:36:25	http://ingridkaslik.com/INVOICE/	Offline	doc emotet epoch1 heodo	Cryptolaemus1
2018-09-04 15:41:30	http://ingridkaslik.com/INVOICE	Offline	doc emotet heodo	unixronin
2018-08-31 18:49:12	http://ingridkaslik.com/M355AhF	Offline	emotet exe heodo	unixronin
2018-08-30 09:02:12	http://ingridkaslik.com/NMxzFQ47Bn/	Offline	emotet exe heodo	abuse_ch
2018-08-29 23:48:09	http://ingridkaslik.com/NMxzFQ47Bn	Offline	emotet exe heodo	ps66uk
2018-08-28 18:37:05	http://ingridkaslik.com/8/	Offline	emotet exe heodo	abuse_ch
2018-08-27 09:41:11	http://ingridkaslik.com/8	Offline	emotet exe heodo	Anonymous
2018-08-24 14:11:37	http://ingridkaslik.com/32466TMUA/biz/Smallbusi...	Offline	doc emotet heodo	unixronin
2018-08-16 03:38:02	http://ingridkaslik.com/WellsFargo/US/Aug-15-2018/	Offline	doc emotet heodo	Cryptolaemus1
2018-08-15 15:19:26	http://ingridkaslik.com/WellsFargo/US/Aug-15-2018	Offline	doc emotet heodo	unixronin
2018-08-14 04:24:31	http://ingridkaslik.com/default/US/Invoice/Invo...	Offline	doc emotet heodo	Cryptolaemus1
2018-08-14 04:24:29	http://ingridkaslik.com/911YVQINFO/FJF601981072...	Offline	doc emotet heodo	Cryptolaemus1
2018-08-13 22:15:26	http://ingridkaslik.com/911YVQINFO/FJF601981072...	Offline	doc emotet heodo	Cryptolaemus1
2018-08-13 13:32:41	http://ingridkaslik.com/default/US/Invoice/Invo...	Offline	doc emotet heodo	Anonymous
2018-08-09 05:50:04	http://ingridkaslik.com/ACH/BA71673I/Aug-06-201...	Offline	doc emotet heodo	unixronin
2018-08-03 17:12:07	http://ingridkaslik.com/PAYMENT/IPXS50602953MOV...	Offline	doc emotet heodo	unixronin
2018-08-03 04:24:51	http://ingridkaslik.com/DHL-Tracking/En_us/	Offline	doc emotet heodo	Cryptolaemus1
2018-07-30 13:38:32	http://ingridkaslik.com/hb10Nft/DHL/En/	Offline	doc emotet epoch2 heodo	Cryptolaemus1
2018-07-25 03:58:24	http://ingridkaslik.com/default/US/Open-invoice...	Offline	doc emotet epoch2 heodo	Cryptolaemus1
2018-07-24 08:58:06	http://ingridkaslik.com/default/US/Open-invoice...	Offline	doc emotet heodo	ps66uk
2018-07-21 08:10:33	http://ingridkaslik.com/doc/US_us/Client/Invoic...	Offline	doc emotet heodo	Anonymous
2018-07-17 21:38:27	http://ingridkaslik.com/sites/En/Payment-and-ad...	Offline	doc emotet heodo	Anonymous
2018-07-17 17:45:53	http://ingridkaslik.com/pdf/En_us/Jul2018/Pleas...	Offline	emotet heodo	JayTHL
2018-07-17 09:14:26	http://ingridkaslik.com/pdf/En_us/Jul2018/Pleas...	Offline	doc emotet heodo	Anonymous
2018-06-06 14:38:04	http://ingridkaslik.com/ACCOUNT/Past-Due-invoice/	Offline	doc emotet heodo	Cryptolaemus1
2018-06-04 07:29:49	http://ingridkaslik.com/13B0NlT/	Offline	emotet exe heodo	abuse_ch
2018-05-31 19:31:08	http://ingridkaslik.com/ups.com/WebTracking/PI-...	Offline	doc emotet heodo	c_APT_ure
2018-04-24 19:34:02	http://ingridkaslik.com/past-due-invoices	Offline	doc emotet	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2019-04-15 21:11:40	060a0fc2dc33ae11af40e99b36563ac2b3cdbe59e7e538f1a0a0832480e8c74c	doc	Heodo
2019-04-14 09:14:18	268307363c224d65da7370d6da6cf518826f73a2d38cf8174037d4fcc5d18570	js	Heodo
2019-04-13 18:11:16	0e4cb4664c90b327e9cc3da8b12def365d187ab543b6a840b95458913a17549e	js	Heodo
2019-04-13 09:44:14	0ad1a288380b66bec4c13428d108845caff4201fc46cb0cddb85e4a314da26fc	js	Heodo
2019-04-12 20:49:06	1019bd7e2c3bb1a5b578d7406a74824051d49e84c13864a73635362e7bcbcb4e	js	Heodo
2019-04-12 19:46:09	ee1a33fd81e68eef2c49a0e4b3521bc11d455bbf96fb8360618c6cb120814e85	doc	Heodo
2018-11-06 09:02:15	57d24769c8dd4ea3ef673402fc8768d27f9d231ef22baf1d42dd648e8859b554	doc	Heodo
2018-11-06 09:00:14	57d24769c8dd4ea3ef673402fc8768d27f9d231ef22baf1d42dd648e8859b554	doc	Heodo
2018-09-11 05:07:11	8fc9db0bac4cac546a1c3167777fd32da5249a88371eafa0ff44e70d48816ed5	doc	Heodo
2018-09-08 06:06:40	8fc9db0bac4cac546a1c3167777fd32da5249a88371eafa0ff44e70d48816ed5	doc	Heodo
2018-08-25 13:22:29	b8be31db3cf8fa74d86929a303a2ae714fb928211f14b777f4a63f2bd1854929	doc	Heodo
2018-08-03 17:12:06	497be5f773cd826c4e352aef2ba0ceac18117e7709a3353a413eef2fddfef2ae	doc	Heodo
2018-07-22 07:53:07	9eb5ebf4950818df9294072543535ab5bf97a9af906b2c14909a7c79445250cf	doc	Heodo
2018-07-22 06:43:26	9997faff082088963c088eedcfe40c5490a43a26af763637a376fd7f18e0412f	doc	Heodo
2018-07-21 23:19:06	67165d9b0b0017a2ce12791473747dfbd8c7c1d1c44b8433435aba27191c54ff	doc	Heodo
2018-07-21 15:52:57	8449b8b0faadcfab22485004ccc56e221ddf48083c8569741996115ef56452f2	doc	Heodo
2018-07-21 09:50:58	25dc7d8c8e8880651752382dd3bd8bb32d363bbc5b4d75b8f8ca91105ff4d509	doc	Heodo
2018-07-21 09:29:09	d91c31eb9a5705c5f02de259bf377d12608bc9f889e3fa3a59ae291f7f11a515	doc	Heodo
2018-07-19 06:23:22	5da441a5129f4d0cb8ab72d45b985fb9238218eee413835e1c6d94686fad9d5d	doc	Heodo
2018-07-18 19:03:46	8bfdf6fe5f6a3aab367939407088cab9cdc7215d1220770b5a857fe832d2ea02	doc	Heodo
2018-07-18 18:58:56	8bfdf6fe5f6a3aab367939407088cab9cdc7215d1220770b5a857fe832d2ea02	doc	Heodo
2018-07-18 11:12:26	e7db2087ef7f0f80640c7f62a493da43eadb8db5f5af90ef1cb55e68a465696a	doc	Heodo
2018-07-18 11:05:58	e7db2087ef7f0f80640c7f62a493da43eadb8db5f5af90ef1cb55e68a465696a	doc	Heodo
2018-06-01 14:57:45	3803bfbce21fffcf67582832f8292d4e40e2417463b3040e293c1938179ef9c1	doc