URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	adhd.org.sa
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2020-07-30 19:57:38 UTC
Total malware sites :	2
Online malware sites :	0 (0%)
Offline Malware sites :	2 (100%)
A record(s) observed :	3

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-04-27 13:52:38	104.21.71.248		Not listed	AS13335 CLOUDFLARENET	n/a	yes
2025-04-27 13:52:38	172.67.172.154		Not listed	AS13335 CLOUDFLARENET	n/a	yes
2020-07-30 19:57:40	35.206.120.50	50.120.206.35.bc.googleusercontent.com	Not listed	AS15169 GOOGLE	US	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2020-08-19 10:54:21	https://adhd.org.sa/sub_mrs/Zj0ZrG/	Offline	emotet epoch2 exe heodo	Cryptolaemus1
2020-07-30 19:57:40	https://adhd.org.sa/sub_we-are/z48rpev90d/0bjo2...	Offline	doc emotet epoch2 heodo	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2020-08-19 15:17:59	d7bd99abdb734505805e5544736ea4fe2c029081371e03f59008ef145cda3790	exe	Heodo
2020-08-19 14:57:57	eaa704ffb59ce78b5cf3fe2e0bdd3294de17831e0aed700cce617477530149d8	exe	Heodo
2020-08-19 14:20:38	8f634aaf124a73f77138606ad31d8461a4a6d6842c2733b26aafb0d42baef427	exe	Heodo
2020-08-19 13:45:06	1165838e41174443fa30d42f2d900419ecae012b92c4ebd1af67faef56336250	exe	Heodo
2020-08-19 13:23:52	e11e765d1455c5ec5ff5e0cf1de9b25296b35192e1d191c7b47d217e610d49ca	exe	Heodo
2020-08-19 13:00:52	cd96a3b4b9b993884d39900a556378fde2140de8770828c1d6d31b5e966edd3f	exe	Heodo
2020-08-19 12:40:40	48e49748f46bc7e2b52fe87f4db61df4d496b87ccb3fa7220c1e9622fd4ecafa	exe	Heodo
2020-08-19 11:10:00	e5aa4c043753f2f0c501810f3945794f0a3279339f94180690c800128a51d8a5	exe	Heodo
2020-08-19 10:54:21	6fcee04694a7f06974977d073a4740b4e6e729e7a3a24bd29f4b15d7b3ad0329	exe	Heodo
2020-07-30 23:43:19	14d0abac86898ba38672ae6e6392b4fadf7cb0692a8a445e1f7debef4e7e101a	doc	Heodo
2020-07-30 23:24:06	7c27fc12153685ebfa853201b4b71b6183b994f0bee705daf6d52db0f1062747	doc	Heodo
2020-07-30 21:41:54	fa9ebbddf93bf0bde73a7e62692c9a2ba07478ad334b60810862fe795384032e	doc	Heodo
2020-07-30 21:26:47	2f335817434e148eb3306ec99d29a3947f89ff9e3aee56f76f227d5894334abd	doc	Heodo
2020-07-30 21:12:48	b920bae96043cfc55017d7a67bb6c5caac098cfce2620c6348e63cf4f7842378	doc	Heodo
2020-07-30 19:57:40	81f94aec82668cee66d712dcd6d17ad48696392ff46bf57868192413acd68c88	doc	Heodo