URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	fensterfront.com
Domain registrar:	Mesh Digital
Domain registration date:	2003-09-10 17:19:41 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2022-03-29 14:20:04 UTC
Total malware sites :	2
Online malware sites :	0 (0%)
Offline Malware sites :	2 (100%)
A record(s) observed :	2

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-04-28 09:49:07	85.215.49.218	vs04.ds-webhost.de	Not listed	AS8560 IONOS-AS	DE	yes
2022-03-29 14:20:05	176.28.15.133	vs03.ds-webhost.de	Not listed	AS8972 GD-EMEA-DC-SXB1	FR	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-03-29 14:20:05	https://fensterfront.com/yh/WAEc5bkS938g4aAZx1U...	Offline	emotet epoch4 redir-doc xls	Cryptolaemus1
2022-03-29 14:20:05	https://fensterfront.com/yh/WAEc5bkS938g4aAZx1U...	Offline	doc emotet epoch4 heodo SilentBuilder	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2022-03-30 08:11:26	4e9360135bc764d3e1c38b136a67db8939b68992f983c17c2096ee12d028b362	xls		SilentBuilder
2022-03-30 06:07:19	7597defb4baf2b0e2bac5b71f4f2cce4b215b9269a11b07be5dd44e5a750956d	xls		SilentBuilder
2022-03-30 04:52:12	052fbc6590f24acff458963b590eef70e2476dda44c74382ebbbc8cc3a9e9c25	xls		SilentBuilder
2022-03-30 03:28:23	44d5403251abf78bcc06490d12cef37dfb9c334dea049aedafa5e6a86bbfb235	xls		SilentBuilder
2022-03-30 03:02:18	c7a30f982cf0763c857f2e0e5b13267783a2764655f5addb8b79305c04db0413	xls		SilentBuilder
2022-03-30 02:09:39	9e567a344081987a4426f78ec523045fd89cefc8790ccd11bc7c7e84a0816144	xls		SilentBuilder
2022-03-30 01:29:53	b3f2c6b1c48d4cb99c33506b2e9be25b0039ac0ba0c9c67e0cb79790ac7ba8f6	xls
2022-03-30 00:26:02	a86068c11ddc91fe81492d31c721514cb80c6bb1948c7cf126fe733af7205e52	xls		SilentBuilder
2022-03-30 00:00:14	0d02c7086648aa7d020cc5a5ed181f99f3d51c2c9a2522726d0bf1cc14b9110f	xls		Heodo
2022-03-29 23:04:16	b8c49a9df5c1a3bc0537ffe1119107d04df77d72c06ed2e3fa7ebd2c7ca0b584	xls		SilentBuilder
2022-03-29 22:39:50	d2c2f994b521bda48acab4fdb007d4fd5b14e1d30efd50a47348c9021992ff50	xls		Heodo
2022-03-29 21:48:13	a679c80a799b163cf0ad3f464c4a1bc023c7d6dd0715662da376d6260a4b9040	xls		Heodo
2022-03-29 20:46:37	6e5d4d61f6b1d0d27afe34e697395676dd75e6089767b1126d340b7c343a8642	xls		SilentBuilder
2022-03-29 20:24:26	43fce2e605be1e82e8989d5ff11ae5a74e6feb9e3c323b672c3acac8dac661d1	xls		SilentBuilder
2022-03-29 19:24:05	dba7a4b42e291b9f9fa4c9734d6671a1ebb6dda6e2bec200a0d72322ad1f37b6	xls		SilentBuilder
2022-03-29 18:33:32	0a6154f3c866b22e26356c0459f4b0eabee2bf9a7dffa104440b5db1ea99e2f7	xls		Heodo
2022-03-29 17:54:31	47c9e54827d5eb1bedf091b985d4c3db3dbd311b612c0a62bc274c20f46af944	xls		Heodo
2022-03-29 17:24:12	82712ef6878423d4241b9bb9d22d2c9188f6d92ba57da69b6c7da9128fd3dfe6	xls		Heodo
2022-03-29 16:12:37	723395fe95e3d656d422955edae3e78b38c2665cac6e68947fcbd18817801e4d	xls		SilentBuilder
2022-03-29 15:49:28	d6646a94355639bf44f2e0fd0805e12c8f774cb87361d5bbc1a9f2f606c35f14	xls		SilentBuilder
2022-03-29 15:00:43	81113b572a380caf1d7469e353abb8ea79ec0dfa9c19a9e4add89e0e1cb8fd50	xls		SilentBuilder
2022-03-29 14:20:05	6b30d40399e632215462c77ce525513ffcb24605ede2c5d4a627c790508062ef	html
2022-03-29 14:20:04	f826114223c99e0d29401b4f95bd67ff825dba627a87a19e2c69a76a93d6773e	xls		Heodo