URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	aramcotools.ae
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2020-10-26 13:00:04 UTC
Total malware sites :	3
Online malware sites :	0 (0%)
Offline Malware sites :	3 (100%)
A record(s) observed :	5

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2021-01-15 12:05:21	104.21.64.240		Not listed	AS13335 CLOUDFLARENET	n/a	no
2020-10-29 05:41:21	172.67.138.43		Not listed	AS13335 CLOUDFLARENET	n/a	no
2020-10-26 13:00:06	68.66.224.51	az1-ss25.a2hosting.com	Not listed	AS55293 A2HOSTING	US	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2020-10-29 03:13:04	http://aramcotools.ae/wp-includes/DkxkyWcKujbtK...	Offline	doc emotet epoch2	Cryptolaemus1
2020-10-28 17:26:05	https://aramcotools.ae/wp-includes/DkxkyWcKujbt...	Offline	doc emotet epoch2 heodo	Cryptolaemus1
2020-10-26 13:00:06	https://aramcotools.ae/wp-includes/31574374417/...	Offline	doc emotet epoch1 heodo	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2020-10-28 21:43:13	2a7fa7333c9651955476107db7c4fabaa333b34c5c6938bfad143ae443d94dd7	doc	Heodo
2020-10-28 21:15:56	558f9ea460d8f9e9babcc477c01c40ba377d80607e6dec6640f78b0f12794bd1	doc	Heodo
2020-10-28 21:09:34	a3fc674142c99cf43ec65daf8d31036f96aac0f9ef66988b6b3d80ac73f60bfb	doc	Heodo
2020-10-28 20:43:13	cb2de094d6518308daefaa75867659fdee298e4a0617b473ce48c4dcdea085de	doc	Heodo
2020-10-28 20:04:51	ad10b386d964b6056e529c2bdb70ccb19ba21b3b0a59ac606113fedc49626b81	doc	Heodo
2020-10-28 19:00:50	548e2dd3c73fb009710071b48a2afd21140eb1328ad31397857707060efc61a3	doc	Heodo
2020-10-28 18:33:02	ac9272ebdc022c3e93ef6dff217e30a0434094ccb3b6c5ab79cc97a94cf1825d	doc	Heodo
2020-10-28 18:09:22	78344d3e894155b6b6fa65119c449406b1ad08900e1cb58f68d7efba27947084	doc	Heodo
2020-10-28 17:54:12	f8c7566296ab5b125218fcfca6cb017b25bf92027db687ec545e8897a62c59f9	doc	Heodo
2020-10-28 17:26:05	028f51dbdfd44aa2c12928be40c8b34c1178a7b36c3aa2556596393a09409083	doc	Heodo
2020-10-26 14:54:42	cb0f9c9bcce4f520c871ab095423cc91154f163a2c86e88aef0e63466974ea0f	doc	Heodo
2020-10-26 14:40:01	e8931527bc1c4fd0c45a9162060a6bf29a0d06679916d892cfffce7882a1481e	doc	Heodo
2020-10-26 14:27:51	ff68589efb48ed334df874116da99513e4be8d9b93dd70073f912a46f1c7276b	doc	Heodo
2020-10-26 14:16:40	cb7ba7a31e5fb8bae2b722fa5deb8ada4ba392a89068d2ae985850a4470f2e45	doc	Heodo
2020-10-26 13:55:46	5ed48d52b3361971f8fd0a9853c6a6850c0f012769a71d3f68e2808845ff1f09	doc	Heodo
2020-10-26 13:33:04	a9aa803b3c3f9f462ec1bd17a2380b956e9872f917bf9a7232c1a96c6aba68c0	doc	Heodo
2020-10-26 13:14:14	d1abcf7be3ad51873e8f18e2f2d07487da68b9450943ee963efc561fd680fc3d	doc	Heodo
2020-10-26 13:00:06	5bdfa0c917624bd7de8b3378352e10dfc48b33bd79c14f27cc5b3e9dfe1d1ed7	doc	Heodo