URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	altheqa.policyfest.com
Domain registrar:	GoDaddy
Domain registration date:	2020-02-18 04:00:04 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2022-01-20 18:43:03 UTC
Total malware sites :	3
Online malware sites :	0 (0%)
Offline Malware sites :	3 (100%)
A record(s) observed :	3

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2023-01-13 16:19:56	104.21.89.16		Not listed	AS13335 CLOUDFLARENET	n/a	yes
2023-01-13 16:19:56	172.67.187.156		Not listed	AS13335 CLOUDFLARENET	n/a	yes
2022-01-20 18:43:04	139.59.52.232		Not listed	AS14061 DIGITALOCEAN-ASN	IN	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-01-20 18:43:05	https://altheqa.policyfest.com/Fox-C/uHPOovOxa2...	Offline	doc emotet epoch4 heodo SilentBuilder	Cryptolaemus1
2022-01-20 18:43:04	http://altheqa.policyfest.com/Fox-C/uHPOovOxa2B...	Offline	doc emotet epoch4	Cryptolaemus1
2022-01-20 18:43:04	http://altheqa.policyfest.com/Fox-C/uHPOovOxa2B...	Offline	emotet epoch4 redir-doc xls	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2022-01-21 07:29:20	6407591df6ce61f946e24715faa6fba1b1f3221e2baf22f6c4f5a64f1ea98eb5	xls		Heodo
2022-01-21 07:01:55	3ca3bcd5771a06938cc8e8c44cd2c85b794376401b469fad7e5d4b513449fa27	xls		Heodo
2022-01-21 06:49:06	e59173f043483afd41faf0edf28ff91047d48ddbcabe29efe43bbc7d238c9861	xls		Heodo
2022-01-21 06:23:27	b8fef9073b247386d53e1eba4723994cf6300b257f2b637cb1eccead6b68904c	xls		Heodo
2022-01-21 06:04:19	fc79dd33ef2208cbe871b54938ff2ad295a34cb9a720e4995853dfed5761db18	xls		SilentBuilder
2022-01-21 05:50:12	29111d8e5e8306e76660db292e7232ab39e901955014eede21e912c931a09b5f	xls		Heodo
2022-01-21 05:18:40	c3496d8e7d2ffbb343cb44911bd859ceb08cbac8eb09ebfc58ce6cb1208f2d8e	xls		Heodo
2022-01-21 04:50:05	a3d7cb606d8f77987119021ad7d89fac7d02668d86ff90db65c87e54a15e73fb	xls		Heodo
2022-01-21 04:45:46	e06d794800a6c8e29eaee2ec0e2ccd9f60b00c7d6c9b4a80ce605a4c156f9982	xls		Heodo
2022-01-21 04:14:05	71b3ba908e6fad97ab7e14ce79d7e0c313fba439d916a3b20a8ec2040e30ed87	xls		Heodo
2022-01-21 03:49:38	539a3855a176457a29262e61d738250050450a8a6adb2b1e9c8961a40a6cad57	xls		Heodo
2022-01-21 03:41:47	053d625d162a5e1ad61603ca7d6dfd915cc175e991eaf3377a55b00853fabd07	xls		Heodo
2022-01-21 03:28:09	9ad38c251b929edaf974d16b81d02e8b87ca16da14c4aa4eea44df09aa210c69	xls		Heodo
2022-01-21 02:57:54	d26fa50d28f1d5fecfbd935c7c439e19ed0336097938d366f8d2cb3e8c039824	xls		Heodo
2022-01-21 02:42:50	9eb1535c5aaefb0a3a2b583a4aad8ef65f55b805294dca339ab2f8e632ebffed	xls		Heodo
2022-01-21 02:27:49	baa950d432aeb1593d886ae1afff9dbc40b6be9828af26c7d3c72431f4fdafff	xls		SilentBuilder
2022-01-21 02:17:22	2cb043937c5838c3f91d3955127cc444ff420b74448d38395ab177b8369753d0	xls		Heodo
2022-01-21 02:04:23	4c2ddd629e265246f75b3e606e6bc899afb3c82020fc9a8f440e7793d6fed047	xls		Heodo
2022-01-21 01:40:12	3accfd2337522a6c68a1018979e3ac6603237e13aff0b962ae093662129d8609	xls		SilentBuilder
2022-01-21 01:19:12	c3deaaa5202a717b68951cf04c00e24200a91aeee0eceb58cc032a0471fbda36	xls		Heodo
2022-01-21 01:08:10	1b6134b3db142025a7ebff094a48928647019264965031e089063502561e7ca5	xls		Heodo
2022-01-21 00:56:39	bf377a8c8ae5170949a1ea2d2f8fb6d63a24839276a2fd63bc2a4525f1839a59	xls		Heodo
2022-01-21 00:41:09	46e07bbc26b054bd482b53d0528f74edc997f805951abdafb92a26dc38b7bf64	xls		Heodo
2022-01-21 00:20:11	9296f02a362c27b1e3a3b4119ede64ea52b6c0430fc70517e5146730c23c987d	xls		Heodo
2022-01-21 00:05:26	561f1541d1ce60dd8a10c61c54f99d83e67ed86b0f645a6e564a99baa08f56b3	xls		Heodo
2022-01-20 23:57:16	2d259bd946fb388d1a7d75d28ba591aca3377e0ca8b49e0add414fe82b76f483	xls		SilentBuilder
2022-01-20 23:33:50	b0e176129f7c1c4ae1d31d420d8ecacaceb6c4682002848a769d98e4b0f21399	xls		Heodo
2022-01-20 23:16:38	5d36041450aacaf14696b91009e0d0724695c47586467dfad802076b3dd6adde	xls		Heodo
2022-01-20 23:01:21	3e36c6f45c9f9361f6c28f811cd2048a727e022281815b02c021811cab7ed01e	xls		Heodo
2022-01-20 22:52:03	514af468cf8a54d3ba4fd08208de3119721d9a9b5e4d2c96373add4d3dd7688d	xls		Heodo
2022-01-20 22:28:48	afc76f4aa05482102ea34e10b3d2397db55857510ce6ae3dcfe05e29cc92bde3	xls		Heodo
2022-01-20 22:15:59	48fee052f0fa5361ddc892d4768321a00e5c80adabc60654488ea8fc1ffa135f	xls		Heodo
2022-01-20 21:57:22	02beb553bb2d04182e73cf34f42a9dc4c52f84b4278e97f9fbce8f111af576d3	xls		Heodo
2022-01-20 21:49:04	26abe8e8297849c2a5721808548030b0abb405538a62e4a4d7bc0bf2a6279476	xls		SilentBuilder
2022-01-20 21:31:33	e099be7b0c6f692f34ca73c32d72d85e9f0465fcf630dc6d929ff4280496c27b	xls		Heodo
2022-01-20 21:09:19	ab4456f73cd0d49bd6c2dc5553a33ff128bc765cb07cd47f8e0619d01735f966	xls		Heodo
2022-01-20 20:52:36	caa57a0d7208775ee50b80b88384a83804e8b132229162b88db9a3a57abb7acb	xls		Heodo
2022-01-20 20:34:38	5d372591b1e8b3107e0e57ec3a38f1d2bfd43afef5f04bee85334f46f57d71bd	xls		Heodo
2022-01-20 20:04:00	b9da67f07dffac92070453903df7e7b7ba55f0535b5c64111357c3f70d836787	xls		Heodo
2022-01-20 19:43:57	670b10a706a22c6efc34af36bf591688d08eb44be993d5901a66525c6369bd9e	xls		Heodo
2022-01-20 19:23:21	db6061f8252704ee6f243e9d5792be120e6743cd366b4ae8f3b56d12b00866ff	xls		Heodo
2022-01-20 19:11:30	ad511015e8c542a03954c1be8721ddcce85dbe997f7b2048bc6e1b35823c5ffc	xls		Heodo
2022-01-20 18:54:43	039adcca4d205850117d5b2348ceec561c57868668ab822350ef94a9b9467842	xls		Heodo
2022-01-20 18:43:05	a871770ef1ba329147828026ab5d7d1d0edf83ea93fca2bb2d0faada51cf48e1	xls		Heodo