URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	www.comhina.us
Domain registrar:	eNom
Domain registration date:	2018-08-21 01:27:34 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2022-06-27 20:13:06 UTC
Total malware sites :	1
A record(s) observed :	5

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2023-05-19 08:38:17	34.149.87.45	45.87.149.34.bc.googleusercontent.com	Not listed	AS396982 GOOGLE-CLOUD-PLATFORM	US	yes
2023-03-25 00:40:25	34.117.168.233	233.168.117.34.bc.googleusercontent.com	Not listed	AS396982 GOOGLE-CLOUD-PLATFORM	US	no
2022-07-07 17:44:31	67.215.182.29	constructor.hn	Not listed	AS27229 WEBHOST-ASN1	US	no
2022-06-27 20:13:17	67.215.182.31	host2.worldkast.net	Not listed	AS27229 WEBHOST-ASN1	US	no
2023-04-25 08:39:25	199.15.163.148	unalocated.163.wixsite.com	Not listed	AS58182 wix_com	US	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-06-27 20:13:17	https://www.comhina.us/wp-admin/BqXXttOa3XLjg1u/	Offline	dll emotet epoch5 heodo	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2022-06-27 23:55:06	3d97c4fde7c8566c062caabd41b9f3f9be1a6adfa8739ef13b5950c66eef9245	dll		Heodo
2022-06-27 23:42:02	4eaf772b2393a1b5c66cb11ee03d7df6984b08eea6abf1a6030a42d776c9f9c7	dll		Heodo
2022-06-27 23:26:48	665ac856de677d162368a50020c2f1c272409d8dff90c36e0b1ad2e033f60119	dll		Heodo
2022-06-27 23:04:40	80e1fd56cd2e27de15df677c60cb2fe01a409aa6443c1afbdfa9fb5133c4e25f	dll		Heodo
2022-06-27 22:48:29	f818efdeda8fa4bf1845950a19b187b4daeeee285c4c83a60370db304ead3ede	dll		Heodo
2022-06-27 22:30:22	2e9024fbdb748c5b5e24f27aa7173a0b1ff94fd681b1174a45c7e7a348e52c3d	dll		Heodo
2022-06-27 22:18:43	a5ede26c5a8d7fa8accbf5ae125e359795e29d8081561fa253ecef7966a055fb	dll		Heodo
2022-06-27 22:05:10	b0cdb4f9355de6b26cccfd761a43ab7b05f7a5bcff1385197fb046a6892c084c	dll		Heodo
2022-06-27 21:53:20	36549ad76265d6c93dced845fbd935aa7b5d0738b3ef4f72632d6f55d0029c6e	dll		Heodo
2022-06-27 21:36:10	70d5f578f69e4d17d87db2bf9bbb5a4774d12a01c49d80d7b6120599b76335f3	dll		Heodo
2022-06-27 21:26:58	2fb21a3d0e701a51391eae24c7227236700de14fc8c5d345c1bbdc651c3ec653	dll		Heodo
2022-06-27 21:14:23	edc26edf9ad445b59f3968ed5144b3c469e9276fce46d9195df67e430932f880	dll		Heodo
2022-06-27 21:01:51	ce7450be81daad07d0802c99ab778a465840e689b527b9d5dc0f7b049da225bb	dll		Heodo
2022-06-27 20:48:46	dfdf1cf7ee1d677a5ebeedd910a6d345c656f000cedb828bd89ccdac9ba80d54	dll		Heodo
2022-06-27 20:40:05	cb369a73e8032697f062cb140de44a83a706087a42a3f9c5705cc502ba7952bc	dll		Heodo
2022-06-27 20:22:50	3536479d976fca2a1f37035806b1824780ee13daa89e09ee1d6721a34c9936e2	dll		Heodo
2022-06-27 20:13:15	8408e76c8933a7aca6006c544db383b706ca67909b55a5e92da1614819a0a550	dll		Heodo