URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	metalgas.com.ar
Domain registrar:	NIC Argentina
Domain registration date:	2014-01-17 00:00:00 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2022-05-17 13:22:07 UTC
Total malware sites :	1
A record(s) observed :	2

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-04-30 16:18:21	147.135.31.201	s1.peymi.net	Not listed	AS16276 OVH	US	yes
2022-05-17 13:22:12	138.219.41.198	vps-1130049-x.dattaweb.com	Not listed	AS27823 Dattatec.com	AR	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-05-17 13:22:12	http://metalgas.com.ar/wp-includes/pIxAd/	Offline	dll emotet epoch5 heodo	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2022-05-19 09:51:49	4264219d72742033acaeba85bf70e36040d17419ab64f62e5b9dadd2ddc73e6b	dll		Heodo
2022-05-17 19:26:09	972041c44d2e1adfb6cf0a4908c69f222b5ac6518aa782328719b43823197172	dll		Heodo
2022-05-17 19:06:28	3b669c93f55a5bd114478b97c2216b6850d5b6cd8174aca4ca9e8fff574d79d3	dll		Heodo
2022-05-17 18:49:21	7cf0808b464e6fe78b671b53fbae2f95947d053209b8e8c3f767c81efed218f2	dll		Heodo
2022-05-17 18:33:29	bbbdd3f085e20f97fa60dbb4bd9098e787a38b476d2f7731ae4101e3921a87f7	dll		Heodo
2022-05-17 18:15:54	421915cc88c6be5b964bb922d85701a041b4d8b014b1df9b7148ec434ef71e82	dll		Heodo
2022-05-17 18:03:00	e872749f42aba8891ae5228f5cc7e3f4a44e6ca7337db34bbc532345a3404a38	dll		Heodo
2022-05-17 17:40:41	b0b4138af675b7be9b5b67638c6d24e1a96a551cf28dacc28f5f33f29b24a590	dll		Heodo
2022-05-17 17:18:20	c9dfc5aa107ff4e18e47595e2439183435d52526011cd44a15bb4582b8177325	dll		Heodo
2022-05-17 16:52:52	7dc59860c713217d6e62b14f88a6e28a6ce03b374cb355d95f9686bebb0817f7	dll		Heodo
2022-05-17 16:20:37	c5d3395ad1dea6a3b101701c1ab4ea32a6c4ad84d42e2e3122e848fc7358d780	dll		Heodo
2022-05-17 16:08:19	0dbef8d15a0d37e75b9ab6732a2ec79c9ed54e7b5b01cfbfcc2863c6065d2186	dll		Heodo
2022-05-17 15:36:18	25f1724f8a521c285f5d289c7c0dafdbc77deb21dc8dd878faa654411c2d75f7	dll		Heodo
2022-05-17 15:24:49	799013b7e7ddb5f5cfc6c8e060b5db09db4e386dfd0610c981831aa3e2e5da6d	dll		Heodo
2022-05-17 14:53:47	1b46d537f25548f2c69309dd3be02c11ce515e3baaf80bfebbe98e5bc2c1dac0	dll		Heodo
2022-05-17 14:46:01	9ec2d288545a0e07bb22b965b5bd2ca5421cf42196031071685b9916f670f7f0	dll		Heodo
2022-05-17 14:11:53	e3fab538766999306d42f12d9692ff2da4e6327079a27a7f7688bd3bf24fc782	dll		Heodo
2022-05-17 13:59:27	bccef8cf7fa8e131ff1bd75413dc7604af0e7b801fd11e6cc24209cec4bd5dd6	dll		Heodo
2022-05-17 13:40:51	57a75de48a92890d02c93ee84ef71074f620ddac482eb59adb2fafd3642df4a8	dll		Heodo
2022-05-17 13:22:12	43fa93c3d22ab686c5d19b4c4252dd3490ac463ceac536643d3a923c48033585	dll		Heodo