URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	mgah.flywheelsites.com
Domain registrar:	Tucows
Domain registration date:	2012-09-29 16:25:17 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2021-12-09 11:41:08 UTC
Total malware sites :	2
Online malware sites :	0 (0%)
Offline Malware sites :	2 (100%)
A record(s) observed :	1

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2021-12-09 11:41:09	151.101.66.159		Not listed	AS54113 FASTLY	US	yes

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2021-12-24 06:38:21	http://mgah.flywheelsites.com/images/D7npwK0aI/	Offline	emotet heodo	Anonymous
2021-12-09 11:41:09	http://mgah.flywheelsites.com/images/zP9T0V0F2p...	Offline	dll emotet epoch5 heodo	waga_tw

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2021-12-24 19:08:31	b67c3f3c745255755871207225589d5679e1a001a88d0bc556c11b9dd007aba8	dll		Heodo
2021-12-24 18:58:27	d038c4f82ba5b0e534b0530e6d983ad5ed51836959ef6ae98920325ff3ce6482	dll		Heodo
2021-12-24 18:25:35	bac4929b545eb6a70bcb068bd1e2802ac094da9090f8f3b02ad5b3abd44e27df	dll		Heodo
2021-12-24 18:08:19	087c7c1ad9ed40a869c0dad33e614e2c7f37868a7d157554642484a180677100	dll		Heodo
2021-12-24 17:52:46	7cadeba5cfbab61636a621ba7f6c9ffa56257a755443c3a352917900d9657fe8	dll		Heodo
2021-12-24 17:37:33	0c4e7aa677dec70858e551c426634dfefd1d826bf29d0a7d913a80ab11c62a97	dll		Heodo
2021-12-24 17:21:04	dd6ce6cd7e4f0ab6e82ca16395512b1b799aa71e664312bd9913630a058a1443	dll		Heodo
2021-12-24 17:06:53	e64008707c41bcc00885606f58c45b7846ed6bdaeddd11af7e9084f8f40e186d	dll		Heodo
2021-12-24 16:53:29	b003eec40a6cab84319cae92a333c85b420bcc1daf11be478b6bf97099111e5c	dll		Heodo
2021-12-24 16:36:25	80b64eaeb9589c6eb668d3c57521e847a6a637f102c9d117f76f4819e3f4fa52	dll		Heodo
2021-12-24 16:22:26	5e42c76031562cb810524d10e4631171cc93a2f270908bd1b1426acf95e3cecb	dll		Heodo
2021-12-24 16:15:03	3e89efbe93295b523c959127d79984b57f65c108c592bd47a1deb47cb87872e8	dll		Heodo
2021-12-24 15:57:45	72c88e96453ff77895916319544f78a3fc35f4d844f4f1da5f5b75c695536bc8	dll		Heodo
2021-12-24 15:30:43	614b295db18f4dae8f9f0b92a0a01464180a9523681b5734e439da2ff37c7f59	dll		Heodo
2021-12-24 15:20:55	b10fe3ae549f1322f76f5067acaf0eefb0521d74b4ae880d0115cb64547ca12d	dll		Heodo
2021-12-24 15:04:20	15f7e6f8d035a8fe47374823d36b015d6cc21a2355d6ec42ad27d6f8d629b3db	dll		Heodo
2021-12-24 14:55:06	ca7a5a45ec3ed19efe11bc669b017cee8c190b962dc1621f181cc27d54fd8142	dll		Heodo
2021-12-24 14:40:23	8df2c30899ce451aaba8f6a4bbf0448c567b99bef3a3f8501cc800145ce9087c	dll		Heodo
2021-12-24 14:24:08	46bb6f5802d84aff3d18da1f7c200c855724cb324eeebc47e4db8c76bfc3974c	dll		Heodo
2021-12-24 14:08:04	233aea2b6222a632159664174f56e098a496b976731de9b6d2b8bf493de8f5cb	dll		Heodo
2021-12-24 13:39:41	678e2606e65d133fd4e3c716dcc06dd8342aaa5f5e69542374f7a6036098a4ec	dll		Heodo
2021-12-24 13:24:53	43514415f0a0b85e2257062a7248e3cfd912e01509fa7e6628d8364a9eca6592	dll		Heodo
2021-12-24 13:08:36	88bd916d5903bd47d9ac38a03ceed4cbc828baa7ab5108d568ca5df01c69727c	dll		Heodo
2021-12-24 12:51:12	6ee76d159aa504374966c2d2408794d2ac95506048a0569de082ae07b4b8d79f	dll		Heodo
2021-12-24 12:49:01	d8c0669c888455a544ced08ce221b0c8dddaf913aa2ebc07249858a9798bf93b	dll		Heodo
2021-12-24 12:34:34	041ad59e8e7c55f252d54975660d21de1717ab84119394dcdf6912e7d6e82386	dll		Heodo
2021-12-24 12:03:51	b925baeae04d0a27ea96dc63f773d13e2c11b6bc1d091f769d1bb5e1bde4465c	dll		Heodo
2021-12-24 11:23:52	d76ce129688e60251293d1a8b176b5b9d024370c58c0e6b100dea0759605979a	dll		Heodo
2021-12-24 11:11:00	c873bf4f33366d1b4c13270888edc7be5bc8d6e9f544124ddec21e6019a4227b	dll		Heodo
2021-12-24 10:56:35	238997f015b854e795bd11b989cebba0f85c38853229565f4c1f0c0e374d87dd	dll		Heodo
2021-12-24 10:39:48	6a892cdec123bcf3739af0fc073ebe3bdd92ec93b141c0a3efcd3f9ac1055630	dll		Heodo
2021-12-24 10:24:42	abc8aa39419c1f2cffda42d7b1d253517039aaf646260ae3d45c76210f2a8956	dll		Heodo
2021-12-24 06:38:21	2db9ce3901b75309b5669e0e94c8cfd2c93f9f4d5c6b1c023bfa0ac1806e0a87	dll		Heodo
2021-12-09 16:16:05	75409cfbd7f76a0d9234d69a1db861c79fbb56af657d03ece144654beff40a56	dll		Heodo
2021-12-09 13:14:33	e8b6ec634e20f43d28575ccbe65b1c66991df44fa91665dd7983b19d26fb580a	dll		Heodo
2021-12-09 11:41:09	a4ecfd32ad99def84abd6ca93d8d26d0d40185b2eca61fc6b6f2ccd56f8ece44	dll		Heodo