URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | oceanicintl.com |
|---|---|
| Spamhaus DBL : | Not blocked |
| SURBL : | Not blocked |
| Quad9 : | Not blocked |
| AdGuard : | Not blocked |
| Cloudflare : | Blocked |
| ProtonDNS : | Not blocked |
| OpenBLD : | Not blocked |
| DNS4EU : | Blocked |
| Control D HaGeZi : | Not blocked |
| Firstseen: | 2020-10-21 00:17:02 UTC |
| Total malware sites : | 1 |
| A record(s) observed : | 11 |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2025-04-28 23:46:38 | 13.248.169.48 | a904c694c05102f30.awsglobalaccelerator.com | Not listed | AS16509 AMAZON-02 |  US | yes |
| 2025-04-28 23:46:38 | 76.223.54.146 | a904c694c05102f30.awsglobalaccelerator.com | Not listed | AS16509 AMAZON-02 | US | yes |
| 2025-10-23 15:07:51 | 13.248.213.45 | a67c48129651a0940.awsglobalaccelerator.com | Not listed | AS16509 AMAZON-02 | US | no |
| 2025-10-23 15:07:51 | 76.223.67.189 | a67c48129651a0940.awsglobalaccelerator.com | Not listed | AS16509 AMAZON-02 | US | no |
| 2025-09-06 01:17:52 | 166.117.110.61 | Not listed | AS16509 AMAZON-02 | US | no | |
| 2025-09-06 01:17:52 | 99.83.161.153 | a2b7bf3398455f345.awsglobalaccelerator.com | Not listed | AS16509 AMAZON-02 | US | no |
| 2021-01-13 18:52:33 | 104.21.23.151 | Not listed | AS13335 CLOUDFLARENET | n/a | no | |
| 2020-10-21 00:17:05 | 172.67.211.174 | Not listed | AS13335 CLOUDFLARENET | n/a | no | |
| 2020-10-22 11:08:03 | 148.72.214.107 | 107.214.72.148.host.secureserver.net | Not listed | AS26496 AS-26496-GO-DADDY-COM-LLC |  SG | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2020-10-21 00:17:05 | http://oceanicintl.com/cgi-bin/form/64594840428... | Offline | doc emotet  epoch3 heodo |  Cryptolaemus1 |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2020-10-22 11:08:03 | 90828b96547b35641ebd76b91c0200f8f057974be00f528002acf24663c9991f | doc | Heodo | |
| 2020-10-21 02:21:03 | df0901fe828ab8ff739461f32f011dd20e5cf34df476de9821c56d8bc6e9528d | doc | Heodo | |
| 2020-10-21 01:53:03 | a83dce48be132b625d87853a68a56238720b2fad3e3bfb67c50bdf1d677a98dd | doc | Heodo | |
| 2020-10-21 01:30:26 | 29cdc20b4b547e832ab1e9c0eeff5b71201efe4262d8d542a8b359131f26ed1a | doc | Heodo | |
| 2020-10-21 00:59:09 | 916c5fa5d800ce852e4e0e1c215daf1e813c868e5b1d9b0c7956b16ec6649adf | doc | Heodo | |
| 2020-10-21 00:46:14 | 663930eb12ff6afb8cd3d0410fcef8fa32edf4964504e10f0cd56af546b0ecb2 | doc | Heodo | |
| 2020-10-21 00:17:05 | 470148839aa8007c61691a8cb506baef031b0bfc909e0a664bf3a94356e06208 | doc | Heodo |