URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	cozailorinqc.com
Domain registrar:	Namecheap
Domain registration date:	2022-07-16 10:06:26 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2023-06-13 16:33:10 UTC
Total malware sites :	1
A record(s) observed :	7

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2023-07-27 14:25:13	172.233.218.191	hickory02.parklogic.com	Not listed	AS63949 AKAMAI-LINODE-AP	US	no
2023-08-11 16:20:35	172.232.30.16	hickory04.parklogic.com	Not listed	AS63949 AKAMAI-LINODE-AP	US	no
2023-07-17 02:26:04	199.59.243.224		Not listed	AS16509 AMAZON-02	US	no
2023-08-12 14:47:47	172.232.4.89	hickory05.parklogic.com	Not listed	AS63949 AKAMAI-LINODE-AP	US	no
2023-07-16 19:26:52	76.223.26.96	aba1c1ff9d2ec5376.awsglobalaccelerator.com	Not listed	AS16509 AMAZON-02	US	no
2023-07-16 19:26:52	13.248.148.254	aba1c1ff9d2ec5376.awsglobalaccelerator.com	Not listed	AS16509 AMAZON-02	US	no
2023-06-13 16:33:15	199.188.200.154	princessluxuryhotels.com	Not listed	AS22612 NAMECHEAP-NET	US	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2023-06-13 16:33:15	https://cozailorinqc.com/tt/	Offline	BB32 geofenced js Qakbot Quakbot USA	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2023-06-14 14:32:56	2a260768e2beebcc1da2d3368064660d054fbe8aa002eee7f2d9555f2340380b	js
2023-06-14 12:54:34	48eb2e68946564c7e368154c0bfd50d784f690ea037f14bd8dbc98e21c830452	js
2023-06-14 11:38:17	d36757a37cfad9dd9bce6ae6b436978344bfdeeac399a3f7bf4ef784029c9757	zip		Quakbot
2023-06-14 10:12:18	936aa95b1bcbffdab0d7e7e4b07b4ffa3907500bc9ac96a5d879d85aa64ffe9b	js		Quakbot
2023-06-14 08:28:43	5c4e49c1977a1a6350d56c77e09bf00d527cf459ffc47c665697c3cf349bf90a	js		Quakbot
2023-06-14 08:12:03	abea42c24e68ab1dfce9c66e1d510c5a7fb59c47ebfce07b2108bfa4829dea83	js		Quakbot
2023-06-14 06:48:21	768c7f7dd8a5c0704094fe92cc77d3d667040c32f88658005ea1730725376bfd	js		Quakbot
2023-06-14 05:19:58	319976befbb5269faeb1456a5aa2380505f358c976f911c341cfdcabc7981a1c	js		Quakbot
2023-06-14 04:45:13	3a3f6e894d8cb08e67dcdadda77cb165936a1a368e91300460d145f3fd09b4cc	js		Quakbot
2023-06-14 04:13:08	e52709cccd057f0ba8a1a15af6bd3a915c79b5304a0f9ccdbd1b4b5ef32dbec0	js		Quakbot
2023-06-14 03:16:22	c72f9d4985280477c1b57234ed6fdb9d760060d765c03db312c206ea35e8cb98	js		Quakbot
2023-06-14 02:49:59	660ff12604e28d9e2c91a490f5d055fbe152df411d179df1578c9d54b875c06c	js		Quakbot
2023-06-14 01:55:51	e7cd21fc50018e3a9d2df41a2c343698e595a11ac49619bbf9d7aaf657545e65	js		Quakbot
2023-06-14 00:49:32	dc380c6947c5f8de2586ab7baf30b36b6a9426932323cb2096af2c5f4e2c344d	js		Quakbot
2023-06-13 22:59:51	bd23dc61662cac8005b92f5bd9df881de1391cca73e36e749f5eaf4e8e53bd11	js		Quakbot
2023-06-13 21:55:21	f1da51711fec5288c298f706f7d6ea9323c81c167bd258ff00f5810d1eaa2497	js		Quakbot
2023-06-13 21:33:49	48f7a827ce26700fb4fc4370955e762fa9944d462d5c8ec894f100ed6a1286a1	js		Quakbot
2023-06-13 20:12:25	958342a90502bd278b7e87d0eaec2224d8b4856a579385d30092496561d6638d	js		Quakbot
2023-06-13 17:36:24	24f2158bf5aab157264c1a1f1a2b13476744dd44b9c41d9de0728b2b68845956	js		Quakbot
2023-06-13 16:33:15	fd17cd463af9bf449d3eb07975e3ec381c8a7608011d1e56b64d01ce8c363dbb	js		Quakbot