URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	fccatinsaat.com
Domain registrar:	Isimtescil Bilisim
Domain registration date:	2017-04-10 10:13:13 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2022-03-29 15:46:04 UTC
Total malware sites :	1
A record(s) observed :	2

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2022-06-18 14:04:15	45.151.251.8	luka.veridyen.com	Not listed	AS209853 VERIDYEN	TR	no
2022-03-29 15:46:06	204.11.59.91	bh-75.webhostbox.net	Not listed	AS46606 UNIFIEDLAYER-AS-1	US	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-03-29 15:46:06	http://fccatinsaat.com/wp-content/Cw3aR6792f/	Offline	dll emotet epoch4 heodo	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2022-04-01 01:21:37	a08a53e086a4400c7fba0e7ae50dff29bab8e554b17fa1407f431cbcd1acfd28	dll		Heodo
2022-03-29 17:28:24	cbcede8f11cd11a000a3cacdb2f90dad851c5bf2f044c35f39da9ce39923ca7e	dll		Heodo
2022-03-29 16:29:39	67106a6108bfb6b8ed8006a102164a9a66637a57de78a37fab408b9e029d403e	dll
2022-03-29 15:46:06	786be7e98cca9b83ccb2830735599cafed4a848b8b10b867c19d4fd3bdeb6bbb	dll		Heodo