URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | office-updates-index.com |
|---|---|
| Spamhaus DBL : | Not blocked |
| SURBL : | Not blocked |
| Quad9 : | Status unknown |
| AdGuard : | Not blocked |
| Cloudflare : | Blocked |
| ProtonDNS : | Status unknown |
| OpenBLD : | Not blocked |
| DNS4EU : | Not blocked |
| Control D HaGeZi : | Not blocked |
| Firstseen: | 2020-04-01 08:54:03 UTC |
| Total malware sites : | 5 |
| Online malware sites : | 0 (0%) |
| Offline Malware sites : | 5 (100%) |
| A record(s) observed : | 13 |
IP addresses
The table below shows all IP addresses observed for this particular host (in case the host is a domain name, all A records will be listed, including all historical ones). Please note that the output is limited to 10 entries.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2020-04-02 07:27:48 | 91.215.169.52 | | Not listed | AS49693 BEST-HOSTER | RU | no |
| 2020-04-02 16:09:13 | 95.142.39.15 | vm559882.eurodir.ru | Not listed | AS210079 EUROBYTE | RU | no |
| 2020-04-02 09:26:55 | 37.140.197.39 | 37-140-197-39.cloudvps.regruhosting.ru | Not listed | AS197695 AS-REGRU | RU | no |
| 2020-04-02 07:27:46 | 37.230.115.190 | uffu.site | Not listed | AS29182 RU-JSCIOT | RU | no |
| 2020-04-01 22:26:42 | 82.118.22.138 | | Not listed | AS204957 GREENFLOID-AS | PL | no |
| 2020-04-01 18:29:47 | 193.32.188.169 | free.ds | Not listed | AS50053 VDSKA-AS | RU | no |
| 2020-04-01 18:29:44 | 89.191.225.200 | | Not listed | AS211183 AdminVPS | RU | no |
| 2020-04-01 16:15:19 | 95.142.44.187 | vm376988.eurodir.ru | Not listed | AS210079 EUROBYTE | RU | no |
| 2020-04-01 16:15:19 | 89.108.65.107 | mixtop.ru | Not listed | AS197695 AS-REGRU | RU | no |
| 2020-04-01 08:54:05 | 31.41.44.175 | free.cishost.ru | Not listed | AS56577 ASRELINK | RU | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2020-04-02 07:46:27 | http://office-updates-index.com/max.bin | Offline | encrypted GuLoader | |
| 2020-04-01 09:19:33 | http://office-updates-index.com/Attack.jpg | Offline | Encoded | |
| 2020-04-01 08:55:04 | http://office-updates-index.com/front.bin | Offline | encrypted | |
| 2020-04-01 08:54:11 | http://office-updates-index.com/Report.rtf | Offline | RTF | |
| 2020-04-01 08:54:05 | http://office-updates-index.com/File.vbs | Offline | vbs | |
The table below shows recent payloads delivered by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2020-04-02 07:46:25 | 37f0846404ec9156d93c1eb3870d9055174112454b79fae7f5f877ce57cacbf2 | unknown | ||
| 2020-04-01 09:19:33 | 48886181c00938bf03eedf0c9e5b0ddd9ef50af41d36a72f2585f0fbab0e76b7 | txt | ||
| 2020-04-01 08:55:04 | b0cc6f5f365f2afcc63468bdb6515db165c299aa5354c5124a20636588b37e85 | unknown | ||