URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry


Host: getiftech.org
Domain registrar: GoDaddy
Domain registration date: 2021-01-12 00:12:06 UTC
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Control D HaGeZi: Not blocked
Firstseen: 2022-01-20 21:28:03 UTC
Total malware sites: 3
Online malware sites: 0 (0%)
Offline malware sites: 3 (100%)
A record(s) observed: 17

IP addresses


The table below shows all IP addresses observed for this particular host (in case the host is a domain name, all A records will be listed, including all historical ones). Please note that the output is limited to 10 entries.

| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2023-01-18 01:25:28 | 34.98.99.30 | 30.99.98.34.bc.googleusercontent.com | Not listed | AS396982 GOOGLE-CLOUD-PLATFORM | US | no |
| 2022-01-24 12:36:23 | 188.114.97.3 | | Not listed | AS13335 CLOUDFLARENET | n/a | no |
| 2022-01-24 12:36:23 | 188.114.96.3 | | Not listed | AS13335 CLOUDFLARENET | n/a | no |
| 2022-01-20 21:28:04 | 172.67.130.54 | | Not listed | AS13335 CLOUDFLARENET | n/a | no |
| 2022-01-20 21:28:04 | 104.21.7.117 | | Not listed | AS13335 CLOUDFLARENET | n/a | no |
| 2022-10-08 11:07:09 | 188.114.96.5 | | Not listed | AS13335 CLOUDFLARENET | n/a | no |
| 2022-10-08 11:07:09 | 188.114.97.5 | | Not listed | AS13335 CLOUDFLARENET | n/a | no |
| 2022-05-28 20:11:27 | 188.114.96.2 | | Not listed | AS13335 CLOUDFLARENET | n/a | no |
| 2022-05-28 20:11:27 | 188.114.97.2 | | Not listed | AS13335 CLOUDFLARENET | n/a | no |
| 2022-02-07 07:29:28 | 188.114.97.12 | | SBL687666 | AS13335 CLOUDFLARENET | n/a | no |

Malware URLs


The table below shows all malware URLs that are associated with this particular host.

| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2022-01-22 18:20:34 | http://getiftech.org/NY/Pin_files/m9bc8YRyL4Bth... | Offline | emotet ext macro xlm | FplPhoenix1 |
| 2022-01-20 21:29:04 | https://getiftech.org/NY/Pin_files/m9bc8YRyL4Bt... | Offline | emotet ext epoch4 redir-doc xls | Cryptolaemus1 |
| 2022-01-20 21:28:04 | https://getiftech.org/NY/Pin_files/m9bc8YRyL4Bt... | Offline | doc emotet ext epoch4 heodo ext SilentBuilder | Cryptolaemus1 |

The table below shows recent payloads delivered by this host.
