URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry


Host: www.liugehan.com
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Control D HaGeZi: Not blocked
Firstseen: 2020-08-20 10:04:12 UTC
Total malware sites: 1
A record(s) observed: 2

IP addresses


The table below shows all IP addresses observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entries.

| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2025-04-27 11:06:58 | 172.233.78.135 | 172-233-78-135.ip.linodeusercontent.com | Not listed | AS63949 AKAMAI-LINODE-AP | JP | yes |
| 2020-08-20 10:04:15 | 47.89.36.218 | | Not listed | AS45102 ALIBABA-CN-NET | HK | no |

Malware URLs


The table below shows all malware URLs that are associated with this particular host.

| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2020-08-20 10:04:15 | https://www.liugehan.com/1/anc3976072749662ueqq... | Offline | doc emotet ext epoch2 heodo ext | spamhaus |

The table below shows recent payloads delivered by this host.
