URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	customairdancers.novosigns.com
Domain registrar:	n/a
Domain registration date:	2005-05-22 21:12:41 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2022-01-11 20:36:03 UTC
Total malware sites :	2
Online malware sites :	0 (0%)
Offline Malware sites :	2 (100%)
A record(s) observed :	1

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2022-01-11 20:36:05	207.45.187.106	north.securenet-server.net	Not listed	AS22878 ASACENET1	US	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-01-11 20:36:05	https://customairdancers.novosigns.com/cgi-bin/...	Offline	doc emotet epoch5 heodo	Cryptolaemus1
2022-01-11 20:36:05	https://customairdancers.novosigns.com/cgi-bin/...	Offline	emotet epoch5 redir-doc xls	waga_tw

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2022-01-12 01:19:06	663ca3b8545e4e02572b5d348a1f77c7ef30d1810e8adbe25dd699b2cfb1792f	xlsm	Heodo
2022-01-12 01:00:24	b34e6de4f7fc9427651923dbdfab0c34ff83e99f9d44a4bfea838e1b4e59907f	xlsm	Heodo
2022-01-12 00:27:20	b5e8f3567a440978a4203bb8ad88886ed6d4c9c2ca4a599897d7227c56368bd2	xlsm	Heodo
2022-01-12 00:13:48	d193efb518a026a5507a4bb6bc168c2f7922c39ce1bb8fd5553512152cc2b88d	xlsm	Heodo
2022-01-11 23:55:51	d3e6a6a97ad6e4f79e73386e88cddd5b958d0f8745c551837dd366b929671704	xlsm	Heodo
2022-01-11 23:26:42	e06e1cc33f42f59f86b44d17359234628540e287dc10a39ac66ae21449abd380	xlsm	Heodo
2022-01-11 23:08:51	d232986e906c448669c346c5edefc1d51b9224b6d53afd360e4768f9861eafad	xlsm	Heodo
2022-01-11 22:44:02	dd14be16e01e5fe53b7cf8199af830a979dbbbc33593606f3b25d7ea3b32697c	xlsm	Heodo
2022-01-11 22:14:57	b8662d7aff6b2489b65fd6ddc022a5a87c6adb0e1ed1f0286ccd80c0bc11471f	xlsm	Heodo
2022-01-11 21:39:47	8ad61be673c186c9cdfb6c6c8d750fbcf80f920d4905742c0ed9d67833026ed7	xlsm	Heodo
2022-01-11 21:23:41	69fdc8b909b3d9e8de4ffafb89dff475c99a4e3ac57eda41c014cea8ee8ddcb6	xlsm	Heodo
2022-01-11 21:09:14	8e6f2f4a5b3f21565eb5ebddea133dff53d5904357950842890bc5bbda52ed2f	xlsm	Heodo
2022-01-11 20:52:40	e8aafc15bf0669df883db0e64e8f43f3682a856e74e19e95d9aa6b44aed98ea4	xlsm	Heodo
2022-01-11 20:36:04	54ea8278be35064a8017aefe7f5c1f1497983d965e89621a056edb730b109bdc	xlsm
2022-01-11 20:36:04	c522b9e9013459a7936b28890e37c90e8898511259d5a787c4f5d6bbbd93eb1c	html