URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	jantatenthouse.com
Domain registrar:	GoDaddy
Domain registration date:	2009-07-13 08:25:21 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2022-01-11 20:35:04 UTC
Total malware sites :	5
Online malware sites :	0 (0%)
Offline Malware sites :	5 (100%)
A record(s) observed :	3

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2022-10-01 15:36:56	154.23.56.59		Not listed	AS54801 ZILLION-NETWORK	US	no
2022-07-19 13:06:57	34.98.99.30	30.99.98.34.bc.googleusercontent.com	Not listed	AS396982 GOOGLE-CLOUD-PLATFORM	US	no
2022-01-11 20:35:05	34.93.157.87	87.157.93.34.bc.googleusercontent.com	Not listed	AS396982 GOOGLE-CLOUD-PLATFORM	IN	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-01-19 22:16:05	http://jantatenthouse.com/b/CRrv4sHEF0tvL5/	Offline	emotet epoch4 redir-doc	Cryptolaemus1
2022-01-19 22:16:05	http://jantatenthouse.com/b/CRrv4sHEF0tvL5/?i=1	Offline	doc emotet epoch4 heodo SilentBuilder	Cryptolaemus1
2022-01-17 16:18:10	http://jantatenthouse.com/b/sMf1SVLl/	Offline	dll emotet epoch5 heodo	Cryptolaemus1
2022-01-11 20:35:05	http://jantatenthouse.com/b/LFs9xCKYIKFkcf/	Offline	emotet epoch4 redir-doc xls	waga_tw
2022-01-11 20:35:05	http://jantatenthouse.com/b/LFs9xCKYIKFkcf/?i=1	Offline	doc emotet epoch4 heodo SilentBuilder	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2022-01-19 23:02:20	4f48ef3036b8e2b724cbf9ec618f35baf7cb5e2017dc5fae4825659a28b58e68	xls		SilentBuilder
2022-01-19 22:39:03	9395907b748740960ac38d3ba4faeb6248b7953da69f834daff192bb2ff1fff6	xls		Heodo
2022-01-19 22:32:25	33bcc678281337839c7121adf32e1ea0fab2974709ab30d0099e4bbd147916b6	xls		Heodo
2022-01-19 22:16:05	931c80255eb9df794e3bcf120d96baaf081417df4dbfc06a843d3999c9da8df9	xls		Heodo
2022-01-19 22:16:05	7db7e5d0e151f7d82ebc7bbf874a9964e638a9c74d83b3c05b276b69acdcea1c	html
2022-01-19 02:00:30	9dbe92c79ccef09d813d967937a85829ff5cf8bd4aceed533e1250c6fd15f880	dll		Heodo
2022-01-17 16:18:10	3722d5ae851071da6f65b02ad87d0e46c4d6ba2970570bb78c9eaf9832ddde99	dll		Heodo
2022-01-12 05:28:36	aa65a34067b0c50e89c1078d0c7ff08de43e5036241404574f846265de6ff6bd	xls		Heodo
2022-01-12 04:54:51	8b94dd69ca6e5efb2d8bb26087ceb69999edf23d9a83f17f2b98628a4b4c3c3e	xls		SilentBuilder
2022-01-12 04:35:45	9960d32985df1b5cfa49908148f8ca999ff3b82aff1645280ff9f71ca61f2805	xls		Heodo
2022-01-12 04:11:04	228b8793653662088991f7cfa3b368bce32931a7516a2f8c7188a437eb03a856	xls		SilentBuilder
2022-01-12 03:46:53	ab10f99205c871817f94e6f2e7a2c654504a2bfde5ed375401a200735694560c	xls		SilentBuilder
2022-01-12 03:22:58	a2e46bd725971c0f4523b843025a290e22e9870fa1808c348a81649410a3e704	xls		SilentBuilder
2022-01-12 02:39:46	046d125d4eaf4ae30ad4a794405fd7c905b58db18824dfbe24dff1cd4cfd13b6	xls		SilentBuilder
2022-01-12 02:18:35	769ecd4d91e53cc734ede1b06a3935096e838020e44061032964dd769dda3968	xls		SilentBuilder
2022-01-12 01:52:36	9b11e81f1bfc3f451bbdd806e824f0d31da068337b6cb9917dd053e1ee6f1e80	xls		SilentBuilder
2022-01-12 01:27:43	532105c51f0f4b68350191b68f17d6226112e97f273af215511a517604a1770e	xls		SilentBuilder
2022-01-12 01:06:54	9d277bf6e9b937c6b9d79db16b78f65ef5346b79c5c68fd3fda71a4e18171fe7	xls		SilentBuilder
2022-01-12 00:35:54	f9cbf3cdfa7ed91bca677fd8d8e1f0f53c193323abfbbb1ce4d7c6d2f1b9feea	xls		SilentBuilder
2022-01-12 00:09:15	f710943ccdadad818f80e208b3ea05bb57523b5ca7ff2e9647abe730a65afe5f	xls		SilentBuilder
2022-01-11 23:48:14	5dd8cf32347063a7b6b80c824526d1f58a3b8c99344eaea74dad15d687395f64	xls		SilentBuilder
2022-01-11 23:19:24	bfe1c65501eb9a22ea914fe380d24127cdf99ce17fc20683f99a7b1e0ccc06f8	xls		SilentBuilder
2022-01-11 23:05:16	5c5fd037c414e33a6538da72a5ea4ae89c8dac15b396b6a10e8504a0b5a7ee75	xls		Heodo
2022-01-11 22:42:10	e48f10cc12e08a32f523982c024f49dca076b06c6bd47b5cdf3d43aee5097091	xls		Heodo
2022-01-11 22:10:11	f062c2a1622bb6bbddf6250cae210e3c341320104c09b649e9748bb7ad87c232	xls		SilentBuilder
2022-01-11 21:34:03	244f3b421f675868b3b87f562c2b307e3f4c3b914d67008406a8f9ed0594b4c1	xls		SilentBuilder
2022-01-11 21:12:30	c7cc8c98988b0b5cdbd103db7c61f01a6e92f96f525c36f15bfaae039bb46cd7	xls		Heodo
2022-01-11 20:50:30	b5d8116e0b4f01eb2affa09d857d1be4df2e18dd793e4ab0b6ad28e0d5eadc15	xls		Heodo
2022-01-11 20:35:05	9ae0b2a279b08133db8f3d30963f0ea2dd53d53aa79193f324dad30ed79db1be	html
2022-01-11 20:35:05	6051bac0a45f9a4940144b50ee0f6756c759129635b6e7b1699534cabff7e11c	xls		SilentBuilder