URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	nguyenthanhdat.com
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Blocked
AdGuard :	Blocked
Cloudflare :	Not blocked
ProtonDNS :	Blocked
OpenBLD :	Blocked
DNS4EU :	Blocked
Control D HaGeZi :	Blocked
Firstseen:	2020-01-13 14:12:03 UTC
Total malware sites :	3
Online malware sites :	0 (0%)
Offline Malware sites :	3 (100%)
A record(s) observed :	16

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-08-07 21:18:26	13.223.25.84	ec2-13-223-25-84.compute-1.amazonaws.com	Not listed	AS14618 AMAZON-AES	US	yes
2025-08-07 21:18:26	54.243.117.197	ec2-54-243-117-197.compute-1.amazonaws.com	Not listed	AS14618 AMAZON-AES	US	yes
2025-05-25 02:02:51	13.216.111.180	ec2-13-216-111-180.compute-1.amazonaws.com	Not listed	AS14618 AMAZON-AES	US	no
2025-04-27 08:12:37	3.94.41.167	ec2-3-94-41-167.compute-1.amazonaws.com	Not listed	AS14618 AMAZON-AES	US	no
2025-04-27 08:12:37	52.86.6.113	ec2-52-86-6-113.compute-1.amazonaws.com	Not listed	AS14618 AMAZON-AES	US	no
2025-05-13 05:28:56	3.18.7.81	ec2-3-18-7-81.us-east-2.compute.amazonaws.com	Not listed	AS16509 AMAZON-02	US	no
2025-05-13 05:28:57	3.19.116.195	ec2-3-19-116-195.us-east-2.compute.amazonaws.com	Not listed	AS16509 AMAZON-02	US	no
2025-04-27 11:30:29	18.119.154.66	ec2-18-119-154-66.us-east-2.compute.amazonaws.com	Not listed	AS16509 AMAZON-02	US	no
2025-04-27 11:30:29	3.140.13.188	ec2-3-140-13-188.us-east-2.compute.amazonaws.com	Not listed	AS16509 AMAZON-02	US	no
2025-04-27 14:25:26	3.130.204.160	ec2-3-130-204-160.us-east-2.compute.amazonaws.com	Not listed	AS16509 AMAZON-02	US	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2020-01-31 19:52:03	http://nguyenthanhdat.com/press.function/view-s...	Offline	doc emotet epoch2 heodo	Cryptolaemus1
2020-01-16 06:46:25	http://nguyenthanhdat.com/7f704f63fc2e9eaf8cfc8...	Offline	doc emotet epoch1	Cryptolaemus1
2020-01-13 14:12:04	http://nguyenthanhdat.com/7f704f63fc2e9eaf8cfc8...	Offline	emotet epoch1 exe heodo	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2020-02-01 09:57:29	8ef3a86989c9654cd7b0914ab743459ad98702ea960612c66e331f858a791eb0	docx
2020-02-01 07:12:58	da2dfdde77d319fa7d1a1326ca2ce99142a8d194e609eba08264875f442e240b	doc
2020-02-01 05:58:25	33a89c876ed4c1f54ac3ebf60cd427562e652b39263734b693beb3be9e6c67eb	doc
2020-02-01 04:30:29	ac59c732daa8085badba3321495b6415cec136aaceaf03e509380f2d2742866b	doc
2020-02-01 03:20:23	c117593f754a9dafdfb9c3bcaf46d70eda6bedf7ee811038f00aad85aa541355	docx	Heodo
2020-02-01 01:58:26	d6ac1c0ee85cd1a5225863f4efa078bae13e3b4555885fc96d9fd47213a479f1	docx	Heodo
2020-02-01 00:11:54	7adf027cfbacb9e234e80ea5563bb9f7e1dcd003c562a6964c9c65524abcf3d4	docx	Heodo
2020-01-31 23:56:22	2ff7a8002b4398fe3ca4905a4abef5b229f8d8f3faa9aa284bf542bc9ad56188	doc
2020-01-31 22:25:24	78189db51d029cba090eb74853c255ae01f91ae08c6215195b58fa1442c247e8	docx	Heodo
2020-01-31 21:18:23	b2aec439ceb35e1750a11e9cbe83f427ae4e0b4b25a54500410d7eb74e31bdf2	doc
2020-01-15 13:18:37	145d5be0c108286607b49b29f7fdac11b73c0c6458664763b88a037f1404932f	exe	Heodo
2020-01-15 12:09:12	7bc963b23ca47117153fdb9cb37a1ab09ff5edc9e7948070a04004db5e77985a	exe	Heodo
2020-01-15 10:41:09	3d50007a63af60279a12802c51b2d91cd2f4cce2d4cde5ce343ef944ebb6330d	exe	Heodo
2020-01-15 08:39:11	d78aff54d42f4cf7516c80d6a98fe3d048d897d3ef693280bbe0c71fa4a3f433	exe	Heodo
2020-01-15 07:20:05	edda4006abcf4c758a0a13c05852ba00acbb4f19f08c1300d8d7e07bb50c72bf	exe	Heodo
2020-01-15 03:41:48	fbe24ce9e152e720d48fabc7aba4b4f145fff2526910883b7ab0f44123dd9f3b	exe	Heodo
2020-01-15 02:39:50	8f7e31983945d1484f60301682d51c6bb667b00964cc540057b40308aecad433	exe	Heodo
2020-01-15 00:38:49	6fd6da9270d03478dadfe4375e533b2c5a1f1092c39dc364e69bdc8e1a97f711	exe	Heodo
2020-01-14 22:37:45	b7c57a35cbd74d3773c9b6ac6efb92daaf59f3fd79d9a89fc92a1ee57bc098ad	exe	Heodo
2020-01-14 20:35:44	960768d327f179f7988f6cc14df831d8ac85173ba325a3ca504131644f67e903	exe	Heodo
2020-01-14 20:20:41	60a77e05486309b33cec86371679d26775758640b0e27533da77d92efe3c0422	exe	Heodo
2020-01-14 19:36:50	e2b64db40be76c39a7f82c8f38cdb568764b59f0632e0473db38d28bac36ac1c	exe	Heodo
2020-01-14 18:38:25	49041d079d8cb768bce72d60e0d47e47f22abdfafa493dfa9882194cf32696f3	exe	Heodo
2020-01-14 17:07:25	eb59fa820a73d9eef2a25cb63375376a998d46cbcf9a9ba5185b3b32535f9252	exe	Heodo
2020-01-14 16:37:27	ec47408d09bddb18ef92e68ec7fec02e5485be3fa6f622d587c9d09490fccb06	exe	Heodo
2020-01-14 15:42:21	178ef50351c8e325adf7c23c0911ac1478f32774c47cde5d36530472392a678f	exe	Heodo
2020-01-14 14:23:32	f8dc6ef6b3cce570c6c9ad661feb3e171734a408c6cd559000baf7d5983ed5c9	exe	Heodo
2020-01-14 12:47:56	ba39192e11cc96bed6c3e79e0936614a0a7ceaef7bfa08e37a4d6931a7245471	exe	Heodo
2020-01-14 11:08:04	46ba3607d4d3c6f903b17635c3d082f91dae213d32eb7a21839e51715634cf0d	exe	Heodo
2020-01-14 09:53:19	aab035549688ba0b568dc651d28991d6a01d861fb1235a02d59a1b22cf656fc7	exe	Heodo
2020-01-14 08:15:55	3d65f7c866beb64bfba3724b7035c646d4287d5516357ae21769ad432f744b81	exe	Heodo
2020-01-13 16:19:52	19b69855dc2b672da42ea96fb2de5036b6873b4fc24c063344d9f273c61ed376	exe	Heodo
2020-01-13 14:16:52	125f7c51507b088a78877c0d304d06d6f552b32ec963b7599aa142658c79fe01	exe	Heodo
2020-01-13 14:12:04	b43692aef0f38bf8069b6f9ca113906fb633f402ed4ce213fa11e0a58627fc0d	exe	Heodo