URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	hexagon-hotel.loyalty.com.hk
Domain registrar:	n/a
Domain registration date:	2005-02-17 00:00:00 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2021-11-17 09:36:06 UTC
Total malware sites :	1
A record(s) observed :	231

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2021-11-27 10:29:22	13.250.30.94	ec2-13-250-30-94.ap-southeast-1.compute.amazonaws.com	Not listed	AS16509 AMAZON-02	SG	yes
2021-11-24 22:26:49	18.169.124.243	ec2-18-169-124-243.eu-west-2.compute.amazonaws.com	Not listed	AS16509 AMAZON-02	GB	no
2021-11-18 14:49:17	108.139.210.110	server-108-139-210-110.fco50.r.cloudfront.net	Not listed	AS16509 AMAZON-02	US	no
2021-11-18 14:49:19	108.139.210.24	server-108-139-210-24.fco50.r.cloudfront.net	Not listed	AS16509 AMAZON-02	US	no
2021-11-18 14:49:15	108.139.210.68	server-108-139-210-68.fco50.r.cloudfront.net	Not listed	AS16509 AMAZON-02	US	no
2021-11-18 14:49:20	108.139.210.72	server-108-139-210-72.fco50.r.cloudfront.net	Not listed	AS16509 AMAZON-02	US	no
2021-11-18 14:15:49	13.32.214.106	server-13-32-214-106.atl56.r.cloudfront.net	Not listed	AS16509 AMAZON-02	US	no
2021-11-18 14:15:49	13.32.214.89	server-13-32-214-89.atl56.r.cloudfront.net	Not listed	AS16509 AMAZON-02	US	no
2021-11-18 14:15:48	13.32.214.9	server-13-32-214-9.atl56.r.cloudfront.net	Not listed	AS16509 AMAZON-02	US	no
2021-11-18 14:15:50	13.32.214.94	server-13-32-214-94.atl56.r.cloudfront.net	Not listed	AS16509 AMAZON-02	US	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2021-11-17 09:36:14	http://hexagon-hotel.loyalty.com.hk/wp-includes...	Offline	doc emotet epoch4 heodo	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2021-11-17 09:36:13	06012c700c1dac4c122303e920fdf1c71c41e681673c241c9698e5766df275a8	docm		Heodo