URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	niagarabeveragesintl.com
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2020-01-28 19:59:06 UTC
Total malware sites :	2
Online malware sites :	0 (0%)
Offline Malware sites :	2 (100%)
A record(s) observed :	11

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2020-04-06 16:33:17	70.32.1.32	ip-70.32.1.32.hosted.by.gigenet.com	Not listed	AS32181 ASN-GIGENET	US	no
2020-04-06 13:50:20	170.178.168.203	becrawl-show.flatreutic.com	Not listed	AS46844 SHARKTECH	US	no
2020-04-03 21:56:43	103.224.212.222	lb-212-222.above.com	Not listed	AS133618 TRELLIAN-AS-AP	AU	no
2020-04-03 10:58:24	184.168.221.37	37.221.168.184.host.secureserver.net	Not listed	AS26496 AS-26496-GO-DADDY-COM-LLC	US	no
2020-04-03 16:53:55	50.63.202.55	55.202.63.50.host.secureserver.net	Not listed	AS26496 AS-26496-GO-DADDY-COM-LLC	US	no
2020-04-03 14:56:00	50.63.202.48	48.202.63.50.host.secureserver.net	Not listed	AS26496 AS-26496-GO-DADDY-COM-LLC	US	no
2020-02-26 19:48:18	50.63.202.93	93.202.63.50.host.secureserver.net	Not listed	AS26496 AS-26496-GO-DADDY-COM-LLC	US	no
2020-02-26 09:48:26	184.168.221.72	72.221.168.184.host.secureserver.net	Not listed	AS26496 AS-26496-GO-DADDY-COM-LLC	US	no
2020-02-27 09:47:01	50.63.202.72	72.202.63.50.host.secureserver.net	Not listed	AS26496 AS-26496-GO-DADDY-COM-LLC	US	no
2020-02-25 19:48:43	184.168.221.88	88.221.168.184.host.secureserver.net	Not listed	AS26496 AS-26496-GO-DADDY-COM-LLC	US	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2020-01-31 07:07:39	http://niagarabeveragesintl.com/wp-includes/O8M...	Offline	emotet epoch1 exe heodo	Cryptolaemus1
2020-01-28 19:59:07	http://niagarabeveragesintl.com/wp-includes/par...	Offline	doc emotet epoch2 heodo	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2020-01-31 15:24:31	a3a6c466d8ffc2de6fd8a183447f48bbfbbdbf7d1fcdceb329f9f55a4d7e7046	exe	Heodo
2020-01-31 14:07:34	5bdf911168999f9dab58df8bdf9fb3a871aeda296f98e76389f8f51a4e235ffc	exe	Heodo
2020-01-31 14:03:30	fd8213b82bce41fefd68d3f851477ce5516b91578357fca7ca5b9d2c360c771a	exe	Heodo
2020-01-31 13:03:23	678ad34b66037d0cc68e34b6f254dad9f754c80e6a1dc8f07b2794464667ee28	exe	Heodo
2020-01-31 11:54:44	6cc67ae2e711b5e074dbfa67d6c6c46201723d450780136c195dc6ebd2ec6e3e	exe	Heodo
2020-01-31 11:46:58	395c0613518c8decf1d178fdfc048e64c0278f11f786b23858eebd4617cea828	exe	Heodo
2020-01-31 10:23:30	e5363b75a74eaf9840090e0235177597f99c8eb9979ca6ca0f1e5c51a3629b27	exe
2020-01-31 08:58:08	0e0ba51476d7a9b04fd27af3ea2f41d98da868fcc93744636461ace1da62af45	exe	Heodo
2020-01-31 07:26:24	830471aa79174dc45b88dba2fe1f209c8927ff0251da09bd8ccdcff8d8978c16	exe	Heodo
2020-01-31 07:07:39	4ac2921ff4a8c39711f1acdf73883fb4e68027eba3b529b281cd09e4a31de0a0	exe	Heodo
2020-01-30 20:36:08	41d7d8450ba92b705956b17ebfd32401af35a2c2f9b62f6e3fefaa94b28b221c	docx	Heodo
2020-01-30 19:04:43	c90fc7d70c1b04154fb0b6126ac7c84b69124490b316d2bb1464819f762b91e3	docx	Heodo
2020-01-30 18:27:20	611b61e85ab9310c2505343ac628cd673211889dfac279ebeb487fb74fdc647c	doc	Heodo
2020-01-30 17:46:27	2ed3e7339bcd47696c7e39141d9f8aa046e17ae3ef6da5023bd5244b318cae1e	docx
2020-01-30 16:36:34	40520f763acb971389175978656d2f9c5d0b79e32f996b497f7748a0891ce742	docx
2020-01-30 15:36:27	024971076d176b3083c588a0dac66a884220a800c5e08afbd1b1a0e410b7dd31	doc
2020-01-30 15:04:54	72632cbb5a52904f9f0b8d201344958a9668ef1f52518be67520555eab7d0660	docx	Heodo
2020-01-30 13:50:40	290d3690ee3c4ff7b1fed9eb921be4b452b97a41f99ebce231e65df9dd14714f	docx
2020-01-30 12:21:15	0e8bf4227a4711a00bdef9eecc715129b94f89647c1606b0826974f91b00c90b	doc	Heodo
2020-01-29 16:09:04	135e6e64bd7742b372ada6b825319eb55fa6081a563f2bb5b8c41b146badb7e9	doc	Heodo
2020-01-29 14:59:22	e18317c574e19a90bb705a85073532bd2ec510834ab8698ca864112a79aca9d2	doc	Heodo
2020-01-29 13:27:57	2974d01a1a4da0562902c3971327dcc14301362344429bb27e64548127418106	doc	Heodo
2020-01-29 11:57:54	c39aa63290c4b66475a91f31655d381cb05d871f118ec9c5128f64d19dadd59f	doc	Heodo
2020-01-29 10:25:48	0ecee5bf68cc63fa4be97a02959091ef6d16df3f32ef3e438a8936658c9e4fee	doc	Heodo
2020-01-29 08:53:51	d42397f2c35dd3c7b8b6b015e39fb702baf614c404463137e12ad718fa899956	doc	Heodo
2020-01-29 08:06:56	3bf12769229661d5dd0a25950302e189697b914c141c2afd1b39219a381a4bec	doc
2020-01-29 07:22:46	4e89efad89df0f1d9b0774bf71616623134ab1dac90d2d40a213a7fc915ac7f4	doc
2020-01-29 06:01:41	a29ffa3c4cece33a8bb942606525a7dc279ee36fb1ee9946d794c97797310494	doc	Heodo
2020-01-29 05:08:51	97d6f36f1a2140ff95758eb24bf1068fcb9598f5430b0ae539ade4625af20f09	doc	Heodo
2020-01-29 04:34:44	ffd3f8953405d09591f2cc74659cb8d274ea7fadc6d3b0a5827115476b0b07a5	doc	Heodo
2020-01-29 03:03:33	bcb689d8bd11a69debf1f16db09a8d7f2d101b7fc3c8624a23b10619acc2ee59	doc
2020-01-29 02:06:26	130a5ecbb3f69579a5aa81511bab80615debda2fbc9c723f1d0303fa44013a4e	doc
2020-01-29 01:43:51	c5b333f57b6a77143f6ba5eeecc8a8d74cb86ec487e5b251980e2b56bf531a47	doc	Heodo
2020-01-29 00:12:26	7f7aba8e36a867838662aeef7616c3f3f0fdcb4b7e8137aec4d210f150531ec8	doc	Heodo
2020-01-28 22:51:19	a768334238eb428ba939774e8b3d10516352014e7eced32c45b5d33fdc612dea	doc	Heodo
2020-01-28 21:47:22	3264ebc9fda91c4c3d44999fbfdca58327a2ce429665a0c124557f2c37a8557a	doc	Heodo
2020-01-28 20:30:23	69870612eec211dca6a4b7da2289fae4d1560824eeaf57088fc35b6c124c4804	doc
2020-01-28 19:59:07	d38ae2a9f1cad9193a4d75a93567afda7d83c7b95c8563281bab3fd0a9d22716	doc	Heodo