URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	via.ekdevcenter.com
Domain registrar:	Gandi
Domain registration date:	2017-04-10 12:54:44 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2022-01-11 16:29:04 UTC
Total malware sites :	2
Online malware sites :	0 (0%)
Offline Malware sites :	2 (100%)
A record(s) observed :	2

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2023-05-23 23:34:17	199.59.243.223		Not listed	AS16509 AMAZON-02	US	no
2022-01-11 16:29:08	217.70.186.101	gpaas1.dc2.gandi.net	Not listed	AS29169 GANDI-AS	FR	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-01-11 16:29:08	http://via.ekdevcenter.com/wp-admin/IxXzpOeQZP/	Offline	emotet epoch4 redir-doc xls	waga_tw
2022-01-11 16:29:08	http://via.ekdevcenter.com/wp-admin/IxXzpOeQZP/...	Offline	doc emotet epoch4 heodo SilentBuilder	sugimu_sec

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2022-01-12 04:57:29	aa65a34067b0c50e89c1078d0c7ff08de43e5036241404574f846265de6ff6bd	xls		Heodo
2022-01-12 04:31:17	ab506a8e25b64558a0069af7f78035c4ae3848d8873a5ddd3542d01d2e195565	xls		Heodo
2022-01-12 04:11:44	d57efe94adedaeac797cbb79d71e10325536f42c27c9cf5154fddaeb7bc797be	xls		Heodo
2022-01-12 03:49:34	f73b8e79809cb64463d53b4ecd9dd6b93721ce156d434bebcdc63bebb23eff07	xls		SilentBuilder
2022-01-12 03:16:35	3f4b1c98cb91608ce0ef51a77efb1ba624e38ff17e01567f9d61747a5e49421d	xls		Heodo
2022-01-12 02:45:11	bfef414d160297040d78c63e659994d668374244c68cdf1ff2220420460fc9e2	xls		SilentBuilder
2022-01-12 02:08:45	e74813a3530752434c9dae40f5f1cbd367cc16a541547e3a2d5b35295539390d	xls		Heodo
2022-01-12 01:55:32	d70eea3a457a572c1ee00b87e0c62ad39c9a8307340a7bff3bae0a08ade7c556	xls		SilentBuilder
2022-01-12 01:28:02	ecaa8fa10f2e5726552f68f4c691133bb782d791b23c96e2c26b5c4838a00e68	xls		SilentBuilder
2022-01-12 01:05:09	c51d8cb997287ed9a94d3d5dfd322c073e1eeea0634bfe18f7d92a3d7fd85543	xls		Heodo
2022-01-12 00:59:00	894ae1ab382fe85d09096d1997f468b8e5f327326c39e15bd1ba47f4c4d2f14f	xls		Heodo
2022-01-12 00:32:40	a196a7f762ccc713b4c96a96ad4d8d50c3a27964758730b87741f65f609c91ab	xls		SilentBuilder
2022-01-12 00:06:23	05dc48ca9e5d5feb04a32c1ef3a8d18453a2a679e7257ce24856895a5dea268b	xls		SilentBuilder
2022-01-11 23:57:10	034eaef52f3dc5154e7a94121703ea759fd19784df604e48c8e73ff4fa06cfda	xls		Heodo
2022-01-11 23:27:22	b5207887a27a42330a6b8e863e0550008a6375de1f4c9c6c0edcc7a9bb6d548f	xls		SilentBuilder
2022-01-11 23:11:37	5c5fd037c414e33a6538da72a5ea4ae89c8dac15b396b6a10e8504a0b5a7ee75	xls		Heodo
2022-01-11 22:35:57	cd8e0110b182d3afd4d91cc9be83efb4de17b54e76e93d861acbd9e981906fb0	xls		SilentBuilder
2022-01-11 22:08:52	1366ff2954ebdb9193d178c527dcb190c48b6e6af91005463433f390dbc3a2ce	xls		SilentBuilder
2022-01-11 21:45:40	62ec5aff1c6c20ac27c09077ff459dbe375a4d8841b6b47f85c7e51b7d26fd9b	xls		SilentBuilder
2022-01-11 16:41:12	a6854cf37029a39a9a86de7f468e16d520cc046bef6fcd50290cd7c19843cd74	xls		Heodo
2022-01-11 16:29:08	d3d5235e9cd078ca6b850d47f9c7e0b1b36e1e67ff27fd74709976a54bc35dee	html
2022-01-11 16:29:08	7955874a069fbde3eb5144ea8420f8b9e80d0c8ccd822c21b54150e53608116c	xls		SilentBuilder