URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	santafetails.com
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2018-05-30 00:02:01 UTC
Total malware sites :	20
Online malware sites :	0 (0%)
Offline Malware sites :	20 (100%)
A record(s) observed :	7

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-04-27 12:58:30	104.21.61.170		Not listed	AS13335 CLOUDFLARENET	n/a	yes
2025-04-27 12:58:30	172.67.212.95		Not listed	AS13335 CLOUDFLARENET	n/a	yes
2018-09-28 09:49:10	45.60.22.79		Not listed	AS19551 INCAPSULA	US	no
2018-09-28 09:49:10	45.60.98.79		Not listed	AS19551 INCAPSULA	US	no
2019-09-02 22:00:37	50.63.202.76	76.202.63.50.host.secureserver.net	Not listed	AS26496 AS-26496-GO-DADDY-COM-LLC	US	no
2019-09-02 21:51:32	184.168.221.82	82.221.168.184.host.secureserver.net	Not listed	AS26496 AS-26496-GO-DADDY-COM-LLC	US	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2018-08-27 13:05:10	http://santafetails.com/dcz6vEs	Offline	emotet exe heodo payload	Cryptolaemus1
2018-08-27 08:12:08	http://santafetails.com/default/US_us/Open-invo...	Offline	doc emotet heodo	Anonymous
2018-08-21 04:43:56	http://santafetails.com/10RMVJDFCW/biz/Business	Offline	doc emotet heodo	Cryptolaemus1
2018-08-10 09:21:07	http://santafetails.com/default/US_us/Open-invo...	Offline	heodo	zbetcheckin
2018-08-10 04:21:14	http://santafetails.com/default/US_us/Open-invo...	Offline	doc emotet heodo	Cryptolaemus1
2018-08-09 05:53:19	http://santafetails.com/PAY/FKIR98781211579LC/1...	Offline	heodo	zbetcheckin
2018-08-07 10:25:03	http://santafetails.com/PAY/FKIR98781211579LC/1...	Offline	doc emotet heodo	Anonymous
2018-08-01 16:13:57	http://santafetails.com/default/Rechnungs-docs/...	Offline	doc emotet epoch2 heodo	Cryptolaemus1
2018-07-02 21:00:25	http://santafetails.com/Independence-DAY/	Offline	doc emotet epoch1 heodo	Cryptolaemus1
2018-07-01 14:47:08	http://santafetails.com/Invoices-docs/	Offline	heodo	JayTHL
2018-06-30 06:11:47	http://santafetails.com/Past-Due-Invoices-06/28...	Offline	emotet heodo	p5yb34m
2018-06-28 14:58:27	http://santafetails.com/Past-Due-Invoices-06/28...	Offline	doc emotet epoch1 heodo	Cryptolaemus1
2018-06-26 13:17:30	http://santafetails.com/DOC/Rechnungsanschrift-...	Offline	emotet heodo	Malware_News
2018-06-22 22:42:04	http://santafetails.com/Fakturierung/Erinnerung...	Offline	doc emotet heodo	Cryptolaemus1
2018-06-21 13:03:31	http://santafetails.com/Fakturierung/Erinnerung...	Offline	emotet heodo	Malware_News
2018-06-18 13:34:07	http://santafetails.com/Rechnungs/	Offline	doc emotet heodo	Cryptolaemus1
2018-06-13 21:37:03	http://santafetails.com/IRS-Transcripts-04/46/	Offline	doc emotet epoch1 heodo	Cryptolaemus1
2018-06-11 22:28:08	http://santafetails.com/lKcxC0V/	Offline	emotet epoch1 heodo payload	Cryptolaemus1
2018-06-04 07:14:17	http://santafetails.com/UPS_FR-04/06/2018-012R/31/	Offline	doc emotet heodo	abuse_ch
2018-05-30 00:02:06	http://santafetails.com/Facture-impayee-29/05/2...	Offline	doc emotet heodo	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2018-08-02 17:21:18	0d24a0249b4a2a3fa40453f2aac7d086219f5d4f6f5a316ab857c4559d79cfb8	doc
2018-08-01 20:38:13	ddfa667a6805bf8b9216feb8df15b1590c340914d7142aa142ecb858d117ba9b	doc	Heodo
2018-08-01 16:37:28	e1e6f47f76667d41ff54aa4b94741b5a0faccc5ef1a002694b83a0816ab7722f	doc	Heodo
2018-08-01 16:13:57	207f084b0cc2eb26c4a7c680a886e3f9bd65f45eed695d504743d6bbaafa9856	doc	Heodo
2018-07-02 23:56:09	98be60ec830e2f1974e8d7ddd3626e88ad60476a36d3344662a08f1c9fb83182	doc	Heodo
2018-06-30 08:36:01	027c6eff88fad90897f116eb96b21980bdf0d89f36f72df4960726e3334331c6	doc	Heodo
2018-06-30 07:25:30	027c6eff88fad90897f116eb96b21980bdf0d89f36f72df4960726e3334331c6	doc	Heodo
2018-06-29 21:50:14	276e5e230766222ed208b1d4d1bd994acc2e763ca71c6d28f41a17988375d099	doc	Heodo
2018-06-15 20:09:38	f5e86722c4805df0eba25b8d85607fe0ea03422c9e60b5a4f6285b0027f03582	doc	Heodo
2018-06-15 14:57:58	10b4c1ae0adc1a115d3912e20347e928100ed65741b74d9430004405644c8864	doc	Heodo