URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	gonorthhalifax.com
Domain registrar:	Tucows
Domain registration date:	2011-12-09 15:49:22 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2018-11-28 14:38:02 UTC
Total malware sites :	7
Online malware sites :	0 (0%)
Offline Malware sites :	7 (100%)
A record(s) observed :	6

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-04-27 08:26:29	198.49.23.144		Not listed	AS53831 SQUARESPACE	US	yes
2022-04-13 09:33:40	216.239.32.21	any-in-2015.1e100.net	Not listed	AS15169 GOOGLE	US	no
2022-04-13 09:33:40	216.239.36.21	any-in-2415.1e100.net	Not listed	AS15169 GOOGLE	US	no
2022-04-13 09:33:40	216.239.38.21	any-in-2615.1e100.net	Not listed	AS15169 GOOGLE	US	no
2022-04-13 09:33:40	216.239.34.21	any-in-2215.1e100.net	Not listed	AS15169 GOOGLE	US	no
2018-11-28 14:38:12	143.95.39.23	sterling.asoshared.com	Not listed	AS46606 UNIFIEDLAYER-AS-1	US	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-03-31 17:28:06	http://gonorthhalifax.com/wp-content/yTmYyLbTKZ...	Offline	dll emotet epoch4 heodo	Cryptolaemus1
2018-12-05 15:57:46	http://gonorthhalifax.com/En_us/Payments/2018-12	Offline	emotet heodo	zoomequipd
2018-12-05 14:49:03	http://gonorthhalifax.com/En_us/Payments/2018-12/	Offline	doc heodo	zbetcheckin
2018-12-01 01:28:09	http://gonorthhalifax.com/ffmoJjv8/de_DE/IhreSp...	Offline	doc emotet epoch2 heodo	Cryptolaemus1
2018-11-30 14:48:05	http://gonorthhalifax.com/6BYELM/PAY/Business/	Offline	doc heodo	zbetcheckin
2018-11-30 14:12:03	http://gonorthhalifax.com/6BYELM/PAY/Business	Offline	doc emotet heodo	Cryptolaemus1
2018-11-28 14:38:12	http://gonorthhalifax.com/ffmoJjv8/de_DE/IhreSp...	Offline	emotet epoch2 heodo	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2022-04-02 02:53:07	47c4a587e633b617e6da5801364f14ccb9af1abe91beda0463a1bb18ab263ec8	dll	Heodo
2022-04-02 01:57:20	7f55348a50cedaa90a1d818ab4c1bf328d7ad3d59ea4471b72161f29520d6b44	dll	Heodo
2022-04-02 01:16:24	2854b1450ceee5cc262de1b124c92a403f03a786a46e386bd8fab2591c301a81	dll	Heodo
2022-04-02 00:21:39	899aa678c02b9413555a8552de14923d77afc1c52551347be1b737f1762007cb	dll	Heodo
2022-04-01 23:40:55	9287eaafeec95f751f91b14d66b09b86e998f3959c00cad2ce7536ab324f6b17	dll	Heodo
2022-04-01 23:12:56	2dbbb0d8fc8cefee1880372991e401cd3688310861afbfd10476d01bb2af4e9e	dll	Heodo
2022-04-01 21:48:01	d2a415d7398ca4b47096a45e75d1b4359acc8bc9b95f8541ef3cbb1bb7839152	dll	Heodo
2022-04-01 21:18:05	e612dc0bd133bec5cf918c12701b8f40a90d6a6985a9ccf4061ca7423a375687	dll	Heodo
2022-04-01 20:09:42	f2270197d04cea46f70b40af948df5c7d9f0054238d229408acfb9bb9345a7ce	dll	Heodo
2022-04-01 19:01:46	d99c6285e8ce74e22e066f41513f346a250eb8af15f57bc2ed05465adbccd16e	dll	Heodo
2022-04-01 17:59:57	99ccf0081ce1724893083612c410de5eb82181a6fb674c3831ec6cec0e27ef42	dll	Heodo
2022-04-01 16:27:29	393eb515589f290a1cac47d0a92f5350d50cbc037ce5c977d379861ee2a141b7	dll	Heodo
2022-04-01 15:48:27	c384a806d5d54364cf7364235bb3bd12f88006ada6eec613a79f70b5bfe9f66f	dll	Heodo
2022-04-01 15:10:25	f0c5f9984ef5c00d0ec5b1d386abae92b33e092f9e41f6d82c865ee470290508	dll	Heodo
2022-04-01 14:36:21	51406a6de4f83cbe215552138c7edda3c0ef0d65831b86e06d01507434e2270a	dll	Heodo
2022-04-01 14:15:06	2b5e708830da1c868116c6e711ea791b53d181373420129b41ff55f6464ce8b8	dll	Heodo
2022-04-01 13:34:02	c0c5150ad608ec399e08c048e9402a925e1ea8a0bf9934a0663a850e3548b14a	dll	Heodo
2022-04-01 12:25:37	c5cb64b502772a45dbeac22bf3aa49d93792f87f1eb1f98f2fd32b63591e3fef	dll	Heodo
2022-04-01 11:05:48	c25a1eef79cd3fa90a01bea45ac2de93ccd5ccf87c217faf96572f7845301a1f	dll	Heodo
2022-04-01 10:23:36	2063ffa168b27548b9cb2b55cc368efa310f5e817dafafd0dd69c44ba9334fe6	dll	Heodo
2022-04-01 09:22:34	4c72b496f74d128a7496a7af5327efd6ca3ba23ffde7a2c5faf33731509a56bc	dll	Heodo
2022-04-01 08:11:42	bebaa66d10cb7d1a112edd216d95a90afc5163269537a5aa8f514149083d2f0e	dll	Heodo
2022-04-01 07:28:06	76f2b50878bde4a143a856f4e275b2ddbdcb53427654ed074e9d4f68d5381df2	dll	Heodo
2022-04-01 07:03:29	b4e82f70a17d29407e04c48b2740023db86d60424693d0538b3e7732006d4d74	dll	Heodo
2022-04-01 06:14:30	317a504c9ce2810d14fbf2d1984d190c0007c025757f1b2d47139c3eeccd2c80	dll	Heodo
2022-04-01 04:55:24	06938a4bc59e23ddc02fdd45702fe867ad5075ae261e3492c59bb5aa72471e00	dll	Heodo
2022-04-01 04:18:36	26811ae09ca445fe583a3fbf4ac3a52ed22a5e5a6184efacead66be46b29624e	dll	Heodo
2022-04-01 03:14:51	803bde847bd8449a25162d04de7cf01e877911272e0066650ffb7e15403cb917	dll	Heodo
2022-04-01 01:54:57	58442beb6689dba98405d814a9fd48410f9f96cdd824ff27ced9a27348a0db5e	dll	Heodo
2022-04-01 00:52:15	c4c8c34974b2c2857fef5752408f55313262df031ddafa50f4c2a968c96d58b9	dll	Heodo
2022-03-31 23:55:56	b462aa28dd35d175fea4bfa34ad56b3019abceb5484ff490e024aab32290442b	dll	Heodo
2022-03-31 22:53:38	9bdb527b7a80aaf06dd3635c34316ff5f4fd1611b5b245967f0ea2f5dcc7deb7	dll	Heodo
2022-03-31 22:15:24	22a277cb9aeac1d1456bcc8f46dc4e46632dad31a823411da077658831e08149	dll	Heodo
2022-03-31 21:43:22	122781a0e95858dba79dcd4e372db37a1c6c912194b08e8e7a1b213226a96053	dll	Heodo
2022-03-31 20:40:33	d128ef44250d5d72d6341da27332743a687cee84ef4ed7590dc392f417142aad	dll	Heodo
2022-03-31 19:50:49	4927d6e46ff32fd8bec2d4e73c1aeb054b61067c06f2a15a697168ce5949481d	dll	Heodo
2022-03-31 19:15:52	34b3a4663602bd0ce069d74b3d8622b276c08813a751bdd76442980d0152e5b5	dll	Heodo
2022-03-31 17:28:05	05fda615e6dc2e5ae7e90bc7b3d49322cf187bc72eb050c8596eb706632a75c1	dll	Heodo