URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	goodfellas.me
Domain registrar:	GoDaddy
Domain registration date:	2020-03-03 20:03:05 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2022-01-13 00:52:03 UTC
Total malware sites :	2
Online malware sites :	0 (0%)
Offline Malware sites :	2 (100%)
A record(s) observed :	4

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-04-28 03:54:22	185.230.63.107	unalocated.63.wixsite.com	Not listed	AS58182 wix_com	US	yes
2025-04-28 03:54:22	185.230.63.171	unalocated.63.wixsite.com	Not listed	AS58182 wix_com	US	yes
2025-04-28 03:54:22	185.230.63.186	unalocated.63.wixsite.com	Not listed	AS58182 wix_com	US	yes
2022-01-13 00:52:17	79.142.73.145	s15.dukahosting.com	Not listed	AS51430 ALTUS	NL	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-01-13 00:52:17	https://goodfellas.me/content/74475874-5200816/	Offline	emotet epoch5 redir-doc xls	sugimu_sec
2022-01-13 00:52:17	https://goodfellas.me/content/74475874-5200816/...	Offline	doc emotet epoch5 heodo	sugimu_sec

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2022-01-13 14:04:19	109868bbf981851bac44548c11bee90f08fd3c83e06c9b9539f568e047f45e0a	xlsm		Heodo
2022-01-13 13:23:39	399fd8ce9218a6b24bbf3c9e307934df9b2954d45119371365be1360c88ec6f5	xlsm		Heodo
2022-01-13 12:11:10	1837567c1c4771488aaff8602f2c98711463d9afd7dbe2a3ab3413e37e30f610	xlsm		Heodo
2022-01-13 11:40:12	cd1b8b06a27b93f21a8da161ab4af2768ecdcbe5f8f5122d89c33caf145da46c	xlsm
2022-01-13 10:46:24	726be01c1600c33b9a3d322885ca12383ec5b64546bb389670176f77f7faf162	xlsm		Heodo
2022-01-13 07:31:11	27142990970a1968021bca00b4005ef206e3a553179b2e717e82ebfe8a8af1b9	xlsm		Heodo
2022-01-13 06:50:12	49ec26f8a352003e43a32615495ae4554e0bb8485ef889e7ba57cf869f026c4c	xlsm		Heodo
2022-01-13 06:42:29	259272a5032f537239c61ba1c8b5bdd26e8e6c4f1ec9b54ee52eaeeac5f5690c	xlsm		Heodo
2022-01-13 05:39:30	9eb7d16794f6e4e2e701458af298b2b16c91a04dd45361cc306f32bc5fd25491	xlsm		Heodo
2022-01-13 04:46:00	32d200a99b9495fe0dfcab75190eb5fcb348e6fa879763d132c924fe25bfc799	xlsm		Heodo
2022-01-13 04:15:28	cffc89330574a0b7d5096c64bff0483e4dbc38d09be06dd3fd4cafca0a4e99ed	xlsm		Heodo
2022-01-13 03:56:09	876844b7e19d8b57429b07b92fd1092f3847f3e2521cb00e52b9a418fab8b6a1	xlsm		Heodo
2022-01-13 03:22:35	d9d0e65da97a353a9cc189af41082ae0bf1dff0acb39bb620a34ddb0c642ac79	xlsm		Heodo
2022-01-13 03:15:26	69af6706b85f8b7530add4d0277acf97e3f30aa8240e27adf3c97ba52581e86c	xlsm		Heodo
2022-01-13 02:25:47	7d631c017cb37c772f9ec3a267d89dc26eb44eaf38e4fc579d90bf739878c8f2	xlsm		Heodo
2022-01-13 01:56:58	638c333549cd204d298c9443eb29055edf4bc9e420895fa088aef37f7b2668fe	xlsm		Heodo
2022-01-13 01:34:34	1fc7f3374c25268b7040c919649cff96394322307f0b9156431e2200d78bba77	xlsm		Heodo
2022-01-13 01:13:58	cb57d02722993dd10fe56d30e2b0675417684cdc6308212c9e30035f95e257dd	xlsm		Heodo
2022-01-13 01:07:51	74d5c7f7b4fb4055de51780c051eff8592ac706105ecb6852dc5100690910f2e	html