URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	web.geetle.ga
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2021-03-25 15:01:05 UTC
Total malware sites :	1
A record(s) observed :	3

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2022-01-24 17:18:25	5.254.41.65		Not listed	AS3223 VOXILITY	US	no
2021-03-25 15:01:09	5.254.41.129		Not listed	AS3223 VOXILITY	US	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2021-03-25 15:01:09	http://web.geetle.ga/rosnrt8z.zip	Offline	dll Dridex	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2021-03-30 17:23:52	743602be8d3744493041340f7597c497ecbeefb520f849e9430424fc341ff828	dll	Dridex
2021-03-30 02:17:53	909166e0153b337e599634ee0da7b620b494e4d4242368dbd24215716d8272c8	dll	Dridex
2021-03-30 00:11:04	0e8ac7247bd4505fb23ebf2bcf38a9c5ebbe74df882e0ebe21be637d58a1adf7	dll	Dridex
2021-03-29 23:00:04	e94906cd773a761101d05c80b3dd5ea09267423a26efe1a2869c03a3ed910cf5	dll	Dridex
2021-03-29 22:01:44	066941a88c45ea7602c54938d69963169cfb93806596ea8397215ba85c07227b	dll	Dridex
2021-03-25 15:01:08	c83b1f21b3c13741c8047162999e5c60b7360342713f095719b22837eae0b01d	dll	Dridex