URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | wintekelevators.com |
|---|---|
| Spamhaus DBL : | Not blocked |
| SURBL : | Not blocked |
| Quad9 : | Not blocked |
| AdGuard : | Not blocked |
| Cloudflare : | Blocked |
| ProtonDNS : | Not blocked |
| OpenBLD : | Not blocked |
| DNS4EU : | Blocked |
| Control D HaGeZi : | Not blocked |
| Firstseen: | 2020-10-17 06:35:09 UTC |
| Total malware sites : | 3 |
| Online malware sites : | 0 (0%) |
| Offline Malware sites : | 3 (100%) |
| A record(s) observed : | 4 |
IP addresses
The table below shows all IP addresses observed for this particular host (in case the host is a domain name, all A records will be listed, including all historical ones). Please note that the output is limited to 10 entries.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2021-01-15 05:07:35 | 104.21.77.253 | | Not listed | AS13335 CLOUDFLARENET | n/a | yes |
| 2020-10-17 06:35:14 | 172.67.214.62 | | Not listed | AS13335 CLOUDFLARENET | n/a | yes |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2020-10-21 09:34:04 | http://wintekelevators.com/avast-premium/Report... | Offline | doc emotet | |
| 2020-10-19 08:11:08 | http://wintekelevators.com/avast-premium/S6/ | Offline | emotet | |
| 2020-10-17 06:35:14 | http://wintekelevators.com/wp-content/xExD/ | Offline | emotet | |
The table below shows recent payloads delivered by this host.