URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	mmhminhaj.xyz
Domain registrar:	Public Domain Registry
Domain registration date:	2021-12-23 18:28:40 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2022-01-11 10:56:03 UTC
Total malware sites :	2
Online malware sites :	0 (0%)
Offline Malware sites :	2 (100%)
A record(s) observed :	8

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2023-03-13 00:25:40	199.59.243.223		Not listed	AS16509 AMAZON-02	US	no
2022-12-24 14:13:00	209.99.40.222	209-99-40-222.fwd.datafoundry.com	Not listed	AS23005 SWITCH-LTD	US	no
2022-08-16 15:32:18	109.70.148.32	malibu.hostns.io	Not listed	AS25369 BANDWIDTH-AS	GB	no
2022-04-11 04:16:52	66.94.108.212	vmi926664.contaboserver.net	Not listed	AS40021 CONTABO-40021	US	no
2022-03-27 06:29:42	66.23.235.46	vip.bahariserver.com	Not listed	AS19318 IS-AS-1	US	no
2022-01-16 04:29:48	168.119.4.47	lampy.kowal.co	Not listed	AS24940 HETZNER-AS	DE	no
2022-02-07 21:57:15	103.142.80.170		Not listed	AS139604 ARROWNET-AS-AP	BD	no
2022-01-11 10:56:05	167.114.173.168	ns514832.ip-167-114-173.net	Not listed	AS16276 OVH	CA	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-01-11 10:56:05	http://mmhminhaj.xyz/Fox-SS/1fBlJw/	Offline	emotet epoch4 redir-doc xls	sugimu_sec
2022-01-11 10:56:05	http://mmhminhaj.xyz/Fox-SS/1fBlJw/?i=1	Offline	emotet epoch4 heodo SilentBuilder xls	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2022-01-11 15:14:42	3a3a5f5444557caa3c86b58560956c0a0452818a2349ef7328bb8c948e36d465	xls		Heodo
2022-01-11 14:55:07	d2c48bc93b2b0711be6bafd81a7eeddc944514e110ef2e1014151dac42e8ab62	xls		SilentBuilder
2022-01-11 14:42:47	89224af568d4e29e7836c2961d33045490b337a9d5d40db852137e1f2dbbfbf9	xls		SilentBuilder
2022-01-11 14:15:24	645258c3eec8a24b056403664b65d66c43f78566a0f33270723a6edc4d0c7ed8	xls		SilentBuilder
2022-01-11 14:00:20	06b383970ed4fab68a430bc021dd0744b77518ec82ef09f6d167c8edbf50fd53	xls		SilentBuilder
2022-01-11 13:48:20	7550a2a99fe2768446351c653515cda693fc4978cdb437177efcc2133117efbc	xls		SilentBuilder
2022-01-11 13:15:19	c17cf152edefc6ce2ed0a5fa783f3bbfd6348b41a22f0da9cdd2722311ddfd62	xls		Heodo
2022-01-11 12:58:53	54517f5914c526589a1b1ad61249c75209d239c1885cd72f638d9924d53983de	xls		SilentBuilder
2022-01-11 12:44:21	f218c6867a0a060d313d1592c39f606f2193f4d587a404b4372971a6344d0f16	xls		SilentBuilder
2022-01-11 12:17:27	c26e7bcb1137bc26303dc119131a3e3e229acc32c7ed38d1792aa7a620c7ae8a	xls		SilentBuilder
2022-01-11 12:08:24	5d5960ceec11681300fcf26d61f3e8c614aa21a0eeec555c70a63c4049587756	xls		Heodo
2022-01-11 11:42:11	8154d03c9e2276ffa60e6a0cff77239d34b2be27f0728bfbec2a37e59562551f	xls		Heodo
2022-01-11 11:15:54	014fc0f35570524af821c5eba7c6efd66e8b973be290e6aefcc2b4ba1d56870a	xls		SilentBuilder
2022-01-11 10:56:04	b4497dfb4992f83d8176afd4a6234b4700e9dd826339fd6f4df2806504f78241	html
2022-01-11 10:56:04	8d553f79df6c325e23d3dbf5395971d1e0e1132eb66d882f365a931e848a6556	xls		SilentBuilder