URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	tomas.datanom.fi
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2018-06-21 05:43:20 UTC
Total malware sites :	32
Online malware sites :	0 (0%)
Offline Malware sites :	32 (100%)
A record(s) observed :	1

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2018-06-21 05:43:21	85.134.54.10	10-54.dynamonet.fi	Not listed	AS24751 MULTIFI-AS	FI	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2018-11-19 20:01:47	http://tomas.datanom.fi/testlab/LLC/En/Outstand...	Offline	emotet heodo	cocaman
2018-11-16 02:11:54	http://tomas.datanom.fi/ovning/mVsTs3tq5q1/de_D...	Offline	doc emotet epoch2 heodo	Cryptolaemus1
2018-11-15 13:30:13	http://tomas.datanom.fi/ovning/mVsTs3tq5q1/de_D...	Offline	emotet heodo	unixronin
2018-11-13 16:56:10	http://tomas.datanom.fi/ovning/iuUiPbCkPNUyfdcX...	Offline	doc emotet epoch2 heodo	Cryptolaemus1
2018-11-13 10:54:02	http://tomas.datanom.fi/ovning/iuUiPbCkPNUyfdcX...	Offline	emotet heodo	unixronin
2018-11-06 15:44:41	http://tomas.datanom.fi/ovning/US/Payments/112018/	Offline	doc emotet epoch1 heodo	Cryptolaemus1
2018-11-06 15:44:40	http://tomas.datanom.fi/ovning/US/Payments/112018	Offline	doc emotet epoch1 heodo	Cryptolaemus1
2018-09-27 23:03:54	http://tomas.datanom.fi/testlab/EN_US/Documents...	Offline	doc emotet heodo	unixronin
2018-09-26 03:26:04	http://tomas.datanom.fi/testlab/LLC/En/Outstand...	Offline	doc heodo	zbetcheckin
2018-09-26 02:35:06	http://tomas.datanom.fi/testlab/default/EN_en/A...	Offline	doc	zbetcheckin
2018-09-25 15:59:10	http://tomas.datanom.fi/testlab/US/Documents/09_18	Offline	doc emotet heodo	unixronin
2018-09-21 09:14:04	http://tomas.datanom.fi/testlab/427704YTQLGGZ/B...	Offline	doc emotet heodo	unixronin
2018-09-19 17:43:10	http://tomas.datanom.fi/testlab/66022HM/PAYROLL...	Offline	doc emotet heodo	unixronin
2018-09-14 04:16:23	http://tomas.datanom.fi/testlab/VJ1t3ol	Offline	emotet epoch1 exe heodo	Cryptolaemus1
2018-09-13 05:41:51	http://tomas.datanom.fi/testlab/338OXHSDP/biz/S...	Offline	doc emotet epoch2 heodo	Cryptolaemus1
2018-09-11 14:17:30	http://tomas.datanom.fi/testlab/338OXHSDP/biz/S...	Offline	doc emotet heodo	unixronin
2018-09-07 14:33:02	http://tomas.datanom.fi/testlab/w0qi46LyvZ/	Offline	exe heodo	zbetcheckin
2018-09-07 03:35:05	http://tomas.datanom.fi/testlab/w0qi46LyvZ	Offline	emotet exe heodo	unixronin
2018-08-28 08:34:03	http://tomas.datanom.fi/testlab/YHMLRXJ/	Offline	exe heodo	zbetcheckin
2018-08-28 08:13:14	http://tomas.datanom.fi/testlab/YHMLRXJ	Offline	emotet exe heodo	TheBuky
2018-08-23 14:03:04	http://tomas.datanom.fi/testlab/2800510GZ/oamo/...	Offline	doc emotet heodo	unixronin
2018-08-22 11:25:23	http://tomas.datanom.fi/testlab/69S/com/Commercial	Offline	doc emotet heodo	unixronin
2018-08-20 13:14:16	http://tomas.datanom.fi/testlab/2893399QPI/PAYM...	Offline	doc emotet heodo	unixronin
2018-08-17 20:54:04	http://tomas.datanom.fi/testlab/2893399QPI/PAYM...	Offline	doc emotet heodo	Cryptolaemus1
2018-08-14 04:30:10	http://tomas.datanom.fi/testlab/3ERDownload/QK0...	Offline	doc emotet heodo	Cryptolaemus1
2018-08-13 12:47:58	http://tomas.datanom.fi/testlab/3ERDownload/QK0...	Offline	doc emotet heodo	unixronin
2018-08-01 16:15:31	http://tomas.datanom.fi/testlab/default/EN_en/A...	Offline	doc emotet epoch2 heodo	Cryptolaemus1
2018-07-14 03:00:14	http://tomas.datanom.fi/testlab/default/EN_en/A...	Offline	doc emotet epoch2 heodo	Cryptolaemus1
2018-06-30 06:12:55	http://tomas.datanom.fi/testlab/factura-recibo	Offline	emotet heodo	p5yb34m
2018-06-28 14:58:33	http://tomas.datanom.fi/testlab/factura-recibo/	Offline	doc emotet epoch1 heodo	Cryptolaemus1
2018-06-22 13:00:18	http://tomas.datanom.fi/testlab/FILE/Direct-Dep...	Offline	emotet heodo	Malware_News
2018-06-21 05:43:21	http://tomas.datanom.fi/testlab/FILE/Direct-Dep...	Offline	emotet heodo	p5yb34m

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2018-09-29 14:37:35	c1940e2957fb9e958e292b15ebda7ee2c47216be582c3e63bc4d69d052c8afc8	doc	Heodo
2018-09-22 08:02:48	fa964842244e752950fd4ed711759382a8950e13cc2794d6f73ab7eb9169e5ee	doc	Heodo
2018-08-14 04:30:10	403fdb65274fbfeccb8868e0b400f3ee2281426c7dbbdc7bdb263dff0979d704	doc	Heodo
2018-08-13 12:47:57	403fdb65274fbfeccb8868e0b400f3ee2281426c7dbbdc7bdb263dff0979d704	doc	Heodo
2018-08-02 17:19:41	0d24a0249b4a2a3fa40453f2aac7d086219f5d4f6f5a316ab857c4559d79cfb8	doc
2018-08-01 20:36:55	207f084b0cc2eb26c4a7c680a886e3f9bd65f45eed695d504743d6bbaafa9856	doc	Heodo
2018-08-01 16:35:59	e1e6f47f76667d41ff54aa4b94741b5a0faccc5ef1a002694b83a0816ab7722f	doc	Heodo
2018-08-01 16:15:31	ddfa667a6805bf8b9216feb8df15b1590c340914d7142aa142ecb858d117ba9b	doc	Heodo