URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	rotaon.com.br
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2020-02-04 13:20:05 UTC
Total malware sites :	2
Online malware sites :	0 (0%)
Offline Malware sites :	2 (100%)
A record(s) observed :	4

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-05-28 21:30:37	69.49.241.50	69-49-241-50.unifiedlayer.com	Not listed	AS19871 NETWORK-SOLUTIONS-HOSTING	US	yes
2025-05-01 10:18:01	103.169.142.0		Not listed	AS209242 CLOUDFLARESPECTRUM	AU	no
2020-02-04 13:20:08	68.183.153.178		Not listed	AS14061 DIGITALOCEAN-ASN	US	no
2020-02-06 05:08:08	68.183.147.132		Not listed	AS14061 DIGITALOCEAN-ASN	US	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2020-02-04 13:39:34	https://rotaon.com.br/wp-includes/css/attachments/	Offline	doc emotet epoch2 heodo	spamhaus
2020-02-04 13:20:08	https://rotaon.com.br/wp-includes/YCRHb3L_6hpoE...	Offline	doc emotet epoch1 heodo	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2020-02-05 12:23:42	1c96dc2ca50755af8de45649f800c5bc8afe690dec831035e2c9c004447e2e63	docx
2020-02-05 01:54:38	763a0477b07bc5925418bb1f05da92fccd81b06da09316f2ba16e2f3ff3cd2d1	docx
2020-02-05 01:54:37	46c2cfdb75d3b19f9b56aa402451f4dc176c0c13ac6e167df6535e59387c382a	doc	Heodo
2020-02-04 23:20:33	72f4f5e9da9b5bdb21aca95cf1f4a1fe70f0b46f1bb06362050575f2b89bba19	doc	Heodo
2020-02-04 23:20:33	f2d5330b5aa423a1c21c6f960154447080fb0b6a7747307519ce8d57a310d1a0	docx	Heodo
2020-02-04 23:14:04	f189891eacbacefcd510376ad44060a48962b25cfabcdd82b7845acdb512bab8	doc
2020-02-04 23:14:03	d47c77d9d0def102dd934260114120e0bd5fd719e88480dda4a53342cc6701e0	docx	Heodo
2020-02-04 22:02:35	e7f9815f92e7cc94121a968c79606d06bac0b134593d51cf2defc641e1f34865	doc	Heodo
2020-02-04 22:02:33	ec4146a69e81f690514da6199f759c184964dbe031f6ca7850b4af5d0d365150	docx
2020-02-04 21:00:28	ba1ad7a3f3d3f24d4862ca8b73df68f7e30f04153cc87040d51e2943af746c09	docx	Heodo
2020-02-04 21:00:27	cf00a0e13bdc326ecf08bd0238ee35c3600642133c7f84f69b0434aa63bfa291	docx	Heodo
2020-02-04 20:30:27	0a3331f85d68d010c3394eb3cab2f6a6d6323044bc49e26af640d7c025a64d58	doc	Heodo
2020-02-04 20:30:24	226e3d9397801a0c20fc12e65373887d6b8e32d5d47ea818a8b891be4513e330	doc	Heodo
2020-02-04 19:28:34	2bd9c05ea5ee7438175c8719cb9dcf44f80427e18cbbf2673d6b0c588e5c71df	docx	Heodo
2020-02-04 19:28:31	b652230d0ab5eba2fd05573b7ef10013f6563c1bb9f64d5f5106b15cc8a5ade7	docx	Heodo
2020-02-04 18:27:32	51de2ffabdc12f8de2065b26504dfc5b08f4450a5df357d6bb931f50029b5205	doc
2020-02-04 18:27:25	265e4a2697fbfecc43edb76419d9e4a8928492d01b548cd7d6804226d6b2a593	docx
2020-02-04 17:21:22	786563efb876e891aa804967d96e0a176417ad2c731e93a1fd788cc7d15d57a7	docx
2020-02-04 17:21:22	c982de067a39609887af77ce1ee6464dd34d3f224cd39f4b9f882ff50523491c	docx	Heodo
2020-02-04 14:56:28	167323f590c8eea01e897581a3de8e00606c176ff6518fd3ac0a3d64dd2e7d9a	doc
2020-02-04 14:56:28	cddc2ee595ca92aa106c8898a080d899f90b317f530739555c275d059afbd9e9	docx
2020-02-04 13:39:34	ed6fe435d8858c9022bba057c44d5c167d0e3be265432ec2a6e6e7566a2b14b2	docx
2020-02-04 13:24:11	b71394268acf3acca757143450d5ccc9030bb60cd3e5e9e3245f81fa1b63e757	docx
2020-02-04 13:20:07	3e2e9a5442d6c6826dad3dd23433234eb8d095c3ee6f0cde53e92e675e6f8822	docx	Heodo