URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	updatesgarmin.com
Domain registrar:	NameBright.com
Domain registration date:	2021-11-26 19:02:24 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2022-03-01 08:25:04 UTC
Total malware sites :	2
Online malware sites :	0 (0%)
Offline Malware sites :	2 (100%)
A record(s) observed :	6

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	SBL	ASN	Country	Active?
2025-04-27 16:48:13	104.21.1.182	Not listed	AS13335 CLOUDFLARENET	n/a	yes
2025-04-27 16:48:13	172.67.129.178	Not listed	AS13335 CLOUDFLARENET	n/a	yes
2022-03-21 18:04:15	104.21.52.23	Not listed	AS13335 CLOUDFLARENET	n/a	no
2022-03-21 18:04:15	172.67.194.78	Not listed	AS13335 CLOUDFLARENET	n/a	no
2022-03-01 08:25:04	104.21.79.247	Not listed	AS13335 CLOUDFLARENET	n/a	no
2022-03-01 08:25:04	172.67.150.83	Not listed	AS13335 CLOUDFLARENET	n/a	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-03-01 09:41:04	https://updatesgarmin.com/c/X5oK7bz/	Offline	emotet heodo	JAMESWT_MHT
2022-03-01 08:25:04	http://updatesgarmin.com/c/X5oK7bz/	Offline	dll emotet epoch5 heodo	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2022-03-01 16:22:23	98ff36313f4ae111966ea3584c1a9021c3ea6be13935f1485949dd69555250fe	dll	Heodo
2022-03-01 16:01:16	e4c4dcca251e2310e44aa93f81057b3b15dc27cfb036a4c234a178f8afe73709	dll	Heodo
2022-03-01 15:13:23	5e997093b5eb50582d79a51afcd41fd145edcac935d7ab2aa8be5277c8cd03bd	dll	Heodo
2022-03-01 14:46:52	5b843bab058e9fe5b5f269b5ce6019a426719866a29445fa8fe4465de196a4d1	dll	Heodo
2022-03-01 14:23:54	9b18bb21e7bacaee4ad3a1582949e512304490d46ea56327e3e26c3884bcdc01	dll	Heodo
2022-03-01 14:06:13	d064ce17f078d1492f40d7d968f4c796fb8c38c9fb06cb17aaff8df172b9c7b0	dll	Heodo
2022-03-01 13:42:52	f6a032f5df449ec86a47ab24266499a0e4ae00da591d7cf233faa54b56e11cbe	dll	Heodo
2022-03-01 13:25:05	684fe82407e7893e7bd79856380691b47394745a234069e24f3d15cc49ca5b87	dll	Heodo
2022-03-01 12:51:28	feb8f2202543f98969cc4840cad0e120981577a8e698a0c9e50a8a68f4e7015a	dll	Heodo
2022-03-01 12:36:11	2b176502d79f3f09f38c07fd61c46546d2cb76b76c1e0a2b5d928d35a293b35e	dll	Heodo
2022-03-01 11:48:57	f1cd058b4ecc7b9cccbe8637d5a229c970f0613acfd6683e0913a5f007bfceb7	dll	Heodo
2022-03-01 11:10:34	329efea3adc02bc65c90822bc806668313134696b62925950336626d15368432	dll	Heodo
2022-03-01 10:30:02	66d05a8768f43a23342451af0e1c276530bb9f283346665c9b9308c7e1645f4f	dll	Heodo
2022-03-01 10:14:12	cb4402ff5ab62a22c3cf2b26c5099ed454f96f7c6a14dd6f329708648e20eac5	dll	Heodo
2022-03-01 09:41:04	32ef028b2e99fb24ef94aff64146be956152bcce5c1ab8af91f5023f89e71f56	dll	Heodo