URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	thietkewebtheomau.com
Domain registrar:	n/a
Domain registration date:	2020-06-01 03:18:55 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2022-01-21 05:58:04 UTC
Total malware sites :	2
Online malware sites :	0 (0%)
Offline Malware sites :	2 (100%)
A record(s) observed :	2

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-04-28 12:41:22	160.25.166.79	s160-d79.interdata.vn	Not listed	AS151858 INTERDIGI-VN	VN	yes
2022-01-21 05:58:06	149.28.151.102	149.28.151.102.vultrusercontent.com	Not listed	AS20473 AS-VULTR	SG	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-01-21 05:58:06	https://thietkewebtheomau.com/wp-snapshots/L/?i=1	Offline	doc emotet epoch4 heodo	Cryptolaemus1
2022-01-21 05:58:06	https://thietkewebtheomau.com/wp-snapshots/L/	Offline	emotet epoch4 redir-doc	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2022-01-22 18:42:51	dd6ee5ee1db29010e56a2b1adf5fda9553efacf03236a806283e094bbe44e275	xls	Heodo
2022-01-21 05:58:06	46882c3121ab7988e53d6c0870a97e8e8525f0faf932ebbabdd573283c6ca8f0	xls	Heodo
2022-01-21 05:58:06	c76b1456825163b2f3bdf539247193a956b06f3a0fdbde67fb6077d5ad2f2561	html