URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | office-archive-index.com |
|---|---|
| Spamhaus DBL : | Not blocked |
| SURBL : | Not blocked |
| Quad9 : | Status unknown |
| AdGuard : | Not blocked |
| Cloudflare : | Blocked |
| ProtonDNS : | Status unknown |
| OpenBLD : | Not blocked |
| DNS4EU : | Not blocked |
| Control D HaGeZi : | Not blocked |
| Firstseen: | 2020-04-21 09:01:32 UTC |
| Total malware sites : | 8 |
| Online malware sites : | 0 (0%) |
| Offline Malware sites : | 8 (100%) |
| A record(s) observed : | 7 |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2020-04-21 22:02:10 | 45.143.138.118 | h4ckit.ru | Not listed | AS47196 Garant-Park-Internet |  RU | no |
| 2020-04-22 14:35:40 | 185.14.31.113 | Not listed | AS21100 ITLDC-EU |  NL | no | |
| 2020-04-22 10:58:17 | 81.29.134.80 | host-81-29-134-80.iqdata.center | Not listed | AS12555 IMAQLIQ | RU | no |
| 2020-04-22 08:54:19 | 92.242.40.54 | Not listed | AS49063 DTLN | RU | no | |
| 2020-04-21 11:49:07 | 45.143.138.53 | Not listed | AS47196 Garant-Park-Internet | RU | no | |
| 2020-04-21 13:19:46 | 5.34.178.187 | free.ds | Not listed | AS8254 ROUTE95 |  US | no |
| 2020-04-21 09:01:36 | 91.215.170.228 | reros.biz | Not listed | AS49693 BEST-HOSTER | RU | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2020-04-21 18:02:17 | http://office-archive-index.com/Attack.jpg | Offline | opendir |  p5yb34m |
| 2020-04-21 17:58:09 | http://office-archive-index.com/Scan.rtf | Offline | opendir RTF | p5yb34m |
| 2020-04-21 17:57:06 | http://office-archive-index.com/2.bin | Offline | bin opendir | p5yb34m |
| 2020-04-21 09:18:13 | http://office-archive-index.com/Payload.docx | Offline | doc ta505  | oppimaniac |
| 2020-04-21 09:18:06 | http://office-archive-index.com/Projekt.rtf | Offline | RTF | oppimaniac |
| 2020-04-21 09:16:12 | http://office-archive-index.com/tesla.exe | Offline | AgentTesla exe | oppimaniac |
| 2020-04-21 09:16:07 | http://office-archive-index.com/putin.vbs | Offline | vbs | oppimaniac |
| 2020-04-21 09:01:36 | http://office-archive-index.com/Scan.wbk?raw=true | Offline | RTF | oppimaniac |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2020-04-22 07:26:37 | 927f4431ccbdcb6a1b5751440ca017f8bce92ae1b5a6ec676bc01fc444f760db | txt | ||
| 2020-04-21 18:02:17 | 19879e2cab37da9391f9ea806ed28f1eae95da2d4fcdd5c2bea76da9d604b853 | txt | ||
| 2020-04-21 17:57:06 | 16fc9e83e217aa6b8f14a5fdcc23102ec1692998625baf47272255bafc44a61c | unknown | ||
| 2020-04-21 09:18:13 | 281896c20c9ae01b1a4ddc590c5cec454865cd95aaa7e53aac436a3b89889486 | docx | TA505 | |
| 2020-04-21 09:16:12 | b27fd2cbe483e550851bc677136273b638ca49ac2bf58e64e51ca1db6763f387 | exe | AgentTesla |