URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	administrasi.utp.ac.id
Domain registrar:	CBN
Domain registration date:	2010-05-05 13:09:05 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2022-01-19 07:59:04 UTC
Total malware sites :	4
Online malware sites :	0 (0%)
Offline Malware sites :	4 (100%)
A record(s) observed :	2

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2022-02-09 15:52:20	202.91.10.28		Not listed	AS38150 TELNET-AS-ID	ID	yes
2022-01-19 07:59:11	202.91.10.92		Not listed	AS38150 TELNET-AS-ID	ID	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-01-20 15:27:12	http://administrasi.utp.ac.id/-/BBIAP5x/	Offline	emotet epoch4 redir-doc xls	sugimu_sec
2022-01-20 15:03:06	http://administrasi.utp.ac.id/-/BBIAP5x/?i=1	Offline	emotet excel heodo	zbetcheckin
2022-01-19 07:59:12	http://administrasi.utp.ac.id/-/L-36/?i=1	Offline	doc emotet epoch5 heodo	Cryptolaemus1
2022-01-19 07:59:11	http://administrasi.utp.ac.id/-/L-36/	Offline	emotet epoch5 redir-doc xls	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2023-06-04 22:58:23	97456d73d2f8c5772f0674124f1ef5134c47ab288867c300d95ae1314a8b183e	unknown
2022-01-22 17:02:55	fd83649a426e706a363449d7dcb503e4bf5b59cc3ab5d5a346e4ed308ec2e2f3	xls		Heodo
2022-01-20 21:31:43	2dc878cbd56aa3817a893c118a8257f705517f72326c6d5424d2b498fcb0c54b	xls		Heodo
2022-01-20 15:27:12	a85b2c4b7934947e62afc598726f7b15d704574502db7875d7b1e3cd941fb872	html
2022-01-20 15:03:06	edefd18d0580d8d25297bcddc843c3478c20f650b124224460ca9ae267529878	xls		Heodo
2022-01-19 18:58:56	84edb0a7a964669aefad50dd27f6a69ab2f4fc6cc70c1f10288a87104775a801	xlsm		Heodo
2022-01-19 10:42:42	acc9c41ba96ed8a91406bebc1f1d41b88c26bf7e1446c8fc4301ee0b840e1759	xlsm		Heodo
2022-01-19 09:50:19	a675b7d974851232b65d25e7fcd87697f9cbbd9a6bac4d21b14a1e249015d321	xlsm		Heodo
2022-01-19 09:27:25	607f4df6b7ab8a7d31bb402433e135024645cbc3df474b2d4d4144e093a654d3	xlsm		Heodo
2022-01-19 09:26:11	fb52c8cd5527da88fe38a96ea9bb45772d3a2e6e317d1e6249a301ae8ef05ed5	xlsm		Heodo
2022-01-19 09:01:42	ff21e0d799e7757351192a77594d12cce77faf6ebc669816ad4bc37ded38d952	xlsm		Heodo
2022-01-19 08:54:17	fbc47a25d026a1d3aabf04c65781142ef8d17ce0071e44f5925e33a2e3f715de	xlsm		Heodo
2022-01-19 08:31:17	e48f46cd60cb0b369d14352daf83f4a07f78332ff849bf8acf3729fcfd19cd47	xlsm		Heodo
2022-01-19 08:22:37	443dd2d26f74bfa06fd47b8f66378fa889268f0f6c4ced9fae74d7847811681e	xlsm		Heodo
2022-01-19 07:59:12	d145d8bd97ef82aed65a01e30b7523f9380bdef7e4af3cbb706c3fe571d2accb	xlsm		Heodo
2022-01-19 07:59:11	93c882f153779c76d54d188d31e9bd7e62503b0429a138fc49a472a642edd03c	html