URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	lo.seculogo.sa.com
Domain registrar:	Sav.com
Domain registration date:	1998-06-25 04:00:00 UTC
Spamhaus DBL :	Spammer domain
SURBL :	Blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2025-05-24 23:01:06 UTC
Total malware sites :	19
Online malware sites :	0 (0%)
Offline Malware sites :	19 (100%)
A record(s) observed :	2

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-05-29 18:08:56	34.76.205.124	124.205.76.34.bc.googleusercontent.com	SBL656841	AS396982 GOOGLE-CLOUD-PLATFORM	BE	no
2025-05-24 23:01:12	172.93.120.11	myhijab.world	Not listed	AS393960 HOST4GEEKS-LLC	US	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2025-05-27 07:04:33	https://lo.seculogo.sa.com/docs/jqbjyhic.JS	Offline	ascii js opendir	abuse_ch
2025-05-27 07:04:10	https://lo.seculogo.sa.com/docs/lyxcwjcsd.txt	Offline	ascii opendir RemcosRAT rev-base64-loader	abuse_ch
2025-05-27 07:04:10	https://lo.seculogo.sa.com/docs/trximbxru.txt	Offline	ascii opendir RemcosRAT rev-base64-loader	abuse_ch
2025-05-27 07:04:09	https://lo.seculogo.sa.com/delivered/Eijhmtanpy...	Offline	exe opendir	abuse_ch
2025-05-27 07:04:07	https://lo.seculogo.sa.com/docs/weomodeog.txt	Offline	ascii Formbook opendir rev-base64-loader	abuse_ch
2025-05-27 07:04:04	https://lo.seculogo.sa.com/docs/x1.JS	Offline	ascii js opendir	abuse_ch
2025-05-27 07:04:04	https://lo.seculogo.sa.com/docs/zvgxsaea.JS	Offline	ascii js opendir	abuse_ch
2025-05-27 07:03:06	https://lo.seculogo.sa.com/orders/lcviygujm.txt	Offline	ascii Encoded Formbook opendir rev-base64-loader	abuse_ch
2025-05-27 07:03:06	https://lo.seculogo.sa.com/docs/Wire_Transfer_C...	Offline	opendir zip	abuse_ch
2025-05-27 07:03:05	https://lo.seculogo.sa.com/orders/WireTransferC...	Offline	opendir zip	abuse_ch
2025-05-27 07:03:05	https://lo.seculogo.sa.com/orders/PO010016218AN...	Offline	opendir zip	abuse_ch
2025-05-27 07:03:04	https://lo.seculogo.sa.com/orders/veueobbh.JS	Offline	ascii js opendir	abuse_ch
2025-05-27 07:02:10	https://lo.seculogo.sa.com/orders/Chddewmrihyrd...	Offline	exe Formbook opendir	abuse_ch
2025-05-27 07:02:09	https://lo.seculogo.sa.com/share/mgaihkwag.txt	Offline	ascii Encoded Formbook opendir rev-base64-loader	abuse_ch
2025-05-27 07:02:08	https://lo.seculogo.sa.com/share/tqrkolhnd.txt	Offline	ascii Encoded Formbook opendir rev-base64-loader	abuse_ch
2025-05-27 07:02:07	https://lo.seculogo.sa.com/share/dczdeukri.txt	Offline	ascii Encoded Formbook opendir rev-base64-loader	abuse_ch
2025-05-24 23:01:14	http://lo.seculogo.sa.com/docs/weomodeog.txt	Offline	Formbook rev-base64-loader	DaveLikesMalwre
2025-05-24 23:01:13	http://lo.seculogo.sa.com/share/mgaihkwag.txt	Offline	Formbook rev-base64-loader	DaveLikesMalwre
2025-05-24 23:01:12	http://lo.seculogo.sa.com/share/tqrkolhnd.txt	Offline	Formbook rev-base64-loader	DaveLikesMalwre

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2025-05-27 07:04:10	0ae2f238bd831633cc9a971550ec68508018d9fa403872dbba00d7b0289035b7	txt	RemcosRAT
2025-05-27 07:04:10	46d98610e2af32aa0670d7ba148b467562fb54a598b8f590b967fb2e4945f01d	txt	RemcosRAT
2025-05-27 07:04:09	e9eb5b546421b5932b0c44815a6273d7496c066f882830a071923a330a00fb39	exe
2025-05-27 07:04:07	fce2c41d1bd1d1afc048bdda845200ddf7748a9ea70bcd03ba3441c1561cd593	txt	Formbook
2025-05-27 07:03:06	95bc6edb486629c365cc0d92a6ca287f28f5bce56a29867224f6d7ce6b7dc76f	zip
2025-05-27 07:03:06	fce2c41d1bd1d1afc048bdda845200ddf7748a9ea70bcd03ba3441c1561cd593	txt	Formbook
2025-05-27 07:03:05	5b2de8cbeb29395a519c91083066e152011c7f20f585129b9f3903e6cf57bb23	zip
2025-05-27 07:03:05	fcda1bc34721674d35666d318de37b74d70154adc869b37a04acb5b7cd94a8ce	zip
2025-05-27 07:02:10	c39519f320198ad39fb3f6c1990594c6144484e7c86cb4b326c4e92ad65bc4cf	exe	Formbook
2025-05-27 07:02:09	38c7e40a31288c58380f68166d7c076ab2ef9cbba27bbc0d614ad9946289d636	txt	Formbook
2025-05-27 07:02:07	fce2c41d1bd1d1afc048bdda845200ddf7748a9ea70bcd03ba3441c1561cd593	txt	Formbook
2025-05-27 07:02:07	38c7e40a31288c58380f68166d7c076ab2ef9cbba27bbc0d614ad9946289d636	txt	Formbook
2025-05-24 23:01:14	fce2c41d1bd1d1afc048bdda845200ddf7748a9ea70bcd03ba3441c1561cd593	txt	Formbook
2025-05-24 23:01:13	38c7e40a31288c58380f68166d7c076ab2ef9cbba27bbc0d614ad9946289d636	txt	Formbook
2025-05-24 23:01:12	38c7e40a31288c58380f68166d7c076ab2ef9cbba27bbc0d614ad9946289d636	txt	Formbook