URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	www.closmaq.com.br
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2020-08-25 21:44:13 UTC
Total malware sites :	7
Online malware sites :	0 (0%)
Offline Malware sites :	7 (100%)
A record(s) observed :	8

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-04-27 11:43:05	138.117.103.55	138-117-103-55.cliente.imicro.com.br	Not listed	AS262387 Intermicro_Ltda	BR	yes
2025-04-27 11:43:04	187.50.159.26		Not listed	AS10429 TELEFNICA_BRASIL_S.A	BR	yes
2025-06-10 06:23:42	191.36.194.116	116-194.36.191.in-addr.arpa	Not listed	AS263339 3WLINK_INTERNET_LTDA	BR	yes
2025-04-27 11:43:06	191.36.194.202	202-194.36.191.in-addr.arpa	Not listed	AS263339 3WLINK_INTERNET_LTDA	BR	no
2021-01-13 00:50:35	104.21.5.179		Not listed	AS13335 CLOUDFLARENET	n/a	no
2020-08-25 21:44:16	172.67.133.177		Not listed	AS13335 CLOUDFLARENET	n/a	no
2020-08-25 21:44:16	104.28.12.91		Not listed	AS13335 CLOUDFLARENET	OM	no
2020-08-25 21:44:16	104.28.13.91		Not listed	AS13335 CLOUDFLARENET	TK	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2020-09-21 05:27:36	http://www.closmaq.com.br/wp-admin/nc/	Offline	emotet epoch3 exe heodo	Cryptolaemus1
2020-09-18 08:39:07	http://www.closmaq.com.br/wp-admin/public/3HZDD...	Offline	doc emotet epoch1 heodo	Cryptolaemus1
2020-09-16 08:45:08	http://www.closmaq.com.br/wp-admin/Scan/	Offline	doc emotet epoch2 heodo	Cryptolaemus1
2020-09-14 07:05:26	http://www.closmaq.com.br/wp-admin/browse/	Offline	doc emotet epoch2 heodo	spamhaus
2020-09-03 19:02:05	http://www.closmaq.com.br/wp-admin/INC/gzj7zw/	Offline	doc emotet epoch2 heodo	spamhaus
2020-08-28 08:39:36	http://www.closmaq.com.br/wp-admin/INC/fci836-0...	Offline	doc emotet epoch3 heodo	spamhaus
2020-08-25 21:44:16	http://www.closmaq.com.br/wp-admin/swift/	Offline	doc emotet epoch2 heodo	spamhaus

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2020-09-21 05:27:36	7556097bf4fb59ca824dcefa239c628fa0ce5fa9650c78f894d00bfbef9fad81	exe	Heodo
2020-09-18 08:39:07	487d63accb96ca154bd9b2aa14ed7aa275f8edc867581d4dc7187fd833f52d9a	doc	Heodo
2020-09-16 10:05:31	feb760d598f3b0a810214edcedd3e0ccefa48d12ba8c1dfb200aea8d382b4070	doc	Heodo
2020-09-16 09:47:42	654a30f8d9039f328a9143a75b54433c3a6c7acc12019d3bd26364e54e091e65	doc	Heodo
2020-09-16 09:31:49	85e8c954fc64556cac2d3c01b725c69f7b2640b92ee156c1875c02f923db643a	doc	Heodo
2020-09-16 09:09:16	43458ffd76ecd54f2773f4de6f0428edd6be448d42400dee02d183cfa15acea1	doc	Heodo
2020-09-16 08:45:08	a28a23ca128d4219c14856421649e8be9836b60650040fba71022341d239b6fa	doc	Heodo
2020-09-14 07:05:25	879157b21658e76e86a39deae545d239c4de9e50dad0ea07b3054143ebf9a69b	doc	Heodo
2020-09-03 20:54:04	e56820ed5e83d51aa84705e88d0ece136340abd67783ea2c9b47b055cd7d87e8	doc	Heodo
2020-09-03 20:30:32	ed9238b54842d3b371847f10b062cd40c9ae9cd4f92a3d0de6cf997cc31999e9	doc	Heodo
2020-09-03 20:19:22	14f41bc73e28d88290af87558aa3a0f6ce0b3eb17dd48f401aca614cf7da06df	doc	Heodo
2020-09-03 19:40:25	f50133085cf408fa42e3568d8466e35d6ae2ceffb26ec78fc25041eb5e5d7c93	doc	Heodo
2020-09-03 19:14:04	d7dccaf606ccac241264d06440a58415ea545b955e3e2538954c3ab166c541c3	doc	Heodo
2020-09-03 19:02:04	0286addf31e211364a924ab469282f0f4f544eddc3bd553d31a8b98a3b11704d	doc	Heodo
2020-08-28 11:56:20	56385c138dcd6e1f59be2fadd0cb3e78305d5a8b74de904c00ca85d68aa84809	doc	Heodo
2020-08-28 11:35:46	f518586d760ddbf3ef58ae4e7f8bc570d1154c9756e793135770a886901385cd	doc	Heodo
2020-08-28 11:01:42	9814bfb06f3175001ec302ebd03ed8fae2b6d2e0eea0077648414362b2c285bf	doc	Heodo
2020-08-28 10:45:55	642f14769b07ea8ab51a202c4f9b39fc9d7a2a6181baefed723a2d581d729a7a	doc	Heodo
2020-08-28 09:15:14	635e1141dfd9268f184274a609f325fe1aa27d7af0a4153fabd3ea891164543e	doc	Heodo
2020-08-28 08:50:18	5fcecf8fdfc590ef687d6590209ea3c2ea0ad746b5f4746e537cd64813fce05e	doc	Heodo
2020-08-28 08:39:34	feea99f37ed4cd0be78bb323cc0cf23b559b13c7d08f0a7949e4b87009ac670e	doc	Heodo
2020-08-26 01:15:40	300cf0fd3de72ba9c28fc5428b8fac05aa455c7d7ffffbf3ae72db863f7fec1e	doc	Heodo
2020-08-26 00:54:41	45f3d708478cd8e94ed0efa61d005fe07c3a6b3bf0c83e532e7714a6c8eaf529	doc	Heodo
2020-08-26 00:31:02	151a88024b801874b8ea66122e66d1ee49ea51c4b48df180919aebe5b54dcc31	doc	Heodo
2020-08-26 00:13:28	e2f93f504fd4eaf83abee9ba616dd2ff6264f7805737a5556899e37883c7cdc0	doc	Heodo
2020-08-25 23:53:17	8fca1b7834abd4c497c08643e11210ec88d3dc33c3d75a94f72f2039b584bf94	doc	Heodo
2020-08-25 23:31:44	2c2ed20e6d0df80913c859da0207d12f2ee675ec572b540ede6ad930101967c6	doc	Heodo
2020-08-25 23:11:07	6dc834835835a8603cd1e4255af58e418704d01452aca6494b306ee058b71339	doc	Heodo
2020-08-25 22:49:13	2a887378544614c46e38a88749314ed26f0f588fb80229eba306ae6a31389bfc	doc	Heodo
2020-08-25 22:27:09	696268abaa7fca009d2d755c96a4aab42d5aa9d20f5e586480896798e975b44e	doc	Heodo
2020-08-25 22:04:50	46f6f35a160697a5d77619a10d219306154c9fe17027dd94f500c71ae2361183	doc	Heodo
2020-08-25 21:44:15	450e8dc78bc1e07fb859e5b2aa358a8df25b20cb9e7aee45c0489e1718d10f1d	doc	Heodo