URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: www.royalcityplumbing.ca
Domain registrar:Namecheap -
Domain registration date:2013-12-11 16:15:30 UTC
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Control D HaGeZi :Not blocked
Firstseen:2022-01-12 09:05:04 UTC
Total malware sites :4
Online malware sites :0 (0%)
Offline Malware sites :4 (100%)
A record(s) observed :2

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2022-03-05 04:47:47 74.208.236.12374-208-236-123.elastic-ssl.ui-r.comNot listedAS8560 IONOS-AS- USyes
2022-01-12 09:05:08 199.188.206.111server259-33.web-hosting.comNot listedAS22612 NAMECHEAP-NET- USno

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2022-01-20 12:16:40http://www.royalcityplumbing.ca/wp-content/plug...Offlinebazaloader ext BazarLoader IcedID ext wp-roilbask im_geeg
2022-01-20 12:16:40http://www.royalcityplumbing.ca/wp-content/plug...Offlinebazaloader ext BazarLoader IcedID ext wp-roilbask im_geeg
2022-01-15 22:41:34https://www.royalcityplumbing.ca/wp-content/plu...OfflineIcedID ext Cryptolaemus1
2022-01-12 09:05:08https://www.royalcityplumbing.ca/wp-content/plu...OfflineIcedID ext wp-roilbask xll Anonymous

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2022-01-13 06:07:3436eea2780c6330a824f03fde03e1c465c19d1706909af8ab1da60acb3b7f02b4dll IcedID
2022-01-13 05:37:506062599bb13ef036a42185ad9d1e2f58665f29d665626ce95571c49e0107f5dbdll IcedID
2022-01-13 05:31:1031ea2c96fb914d5d932a3176db0400ffbaac1af2d5b89d4f5bb58380d5cb7fa9dll IcedID
2022-01-13 05:02:265a5bcd7586232234b26c06e0a0bce8ab5e4fcf32379c4f1529fa4f3797e4ea95dll IcedID
2022-01-13 03:56:44149e1550810651ae047350af9dd52f2875b483fa7cc2b5a641d68678317d5e97dll IcedID
2022-01-13 03:06:163160725ecb2e49e109db6db96cb5dd7c537fe5ef8198bdcae2e55a9aa5de3384dll IcedID
2022-01-13 02:28:31a7d8021fc936f12b656c03b768cb00c53888073cd548b179a81529b9e36892f0dll IcedID
2022-01-13 01:54:52b6e82ee1beaffc29641bedf570c5a2704f76c1da1f0ac9f97337075e6c8ed75adll IcedID
2022-01-13 01:24:03415abfb2785209977e7293d58e6ec29345a1be9dc343ae69f17e96c5346f9fe7dllIcedID
2022-01-13 01:06:39ad095615f5b450c9f7ca1b115587c9708739bae844b819663248799f4a927acedllIcedID
2022-01-13 00:52:03d1e61f9b080e3b6892df3660c346870ec62ce7627437bc666d7e369e215f5f43dll IcedID
2022-01-13 00:31:441dfc17329674661fef45cc7b5b81891505821f454cdec5791370ba2cca1832f3dll IcedID
2022-01-12 22:56:27cf69a7a2b9beb8ae178df59e31393bc33ba69f9ec15b5cced248ba459f2caefcdll IcedID
2022-01-12 22:45:0797f67fca98471d15b171917f1b24e9bc85d4ca6e94b57985235f611c15637bbddll IcedID
2022-01-12 21:39:48105047a088c424564285c660467e7d848743d0d932918d060b937e85e9f7ddd0dll IcedID
2022-01-12 20:48:52e4fdc8b6743a24bcb75957fc1c2591dd552637e33184affe233f2ec7aa694225dllIcedID
2022-01-12 20:31:10718c54d1146a1d4a10fa7791295332e1bc18b906cbf5ee56e1f8a34b238b4cf0dll IcedID
2022-01-12 19:25:41386a6b2542e3d43404d66edb56283b4bbb8b54f0c67812ac8ae272601774e676dll IcedID
2022-01-12 19:05:34a670f3ada5b3b1ecbe3e5deca339cf032fa84d60e3ca18be4ba31f0aac0046b6dll IcedID
2022-01-12 18:56:491a47ab49a5341a3cfc40bd7a64dea46cb8cad224314a51410e7ad56bb6bb93b0dll IcedID
2022-01-12 18:37:27c32f6612f756900f22fe617bb11d8ac5793851efdc29bc38b129cf6516a841fbdll IcedID
2022-01-12 18:14:19cbcb0c99f879bbedf38347b63fa62c480f12580e5cb95a4a357bbef602d96e61dllIcedID
2022-01-12 17:23:0525cccdb32c59c9f617d5a40b1c0f8fc39760ae3fc2a68bc3c3708c02a0a7389ddllIcedID
2022-01-12 17:03:3793680a56efaa95e69cf26ec2a98c2de094425654db8a6c3b91f2fabc95d5cc21dll IcedID
2022-01-12 16:47:28e81beba107b603de192702d9ce123e5bd73260e3914f4dc291fcb9725e5ef1bcdll IcedID
2022-01-12 16:18:3009f61d519da2be5534a3089c1a1a9ddf53e66add5cec3812514f936301728142dll IcedID
2022-01-12 15:59:35d61b19edd293a0691527f40fb136511022d2c106bac5b770f9aedcea445c70addll IcedID
2022-01-12 15:42:596f7dfdabd97519cfe18e64f8e7d8663c7ad6d7422ba5ed09b473ebe290848e5ddll IcedID
2022-01-12 15:21:546cb4bd982b2cd8453206293fef87d30123766482cedcf17c53957810af96cdb6dll IcedID
2022-01-12 14:52:5499b64250b1cf93df611e3d4dbc6c80c102bb54d31495f1d95ffadb80a24a1c92dll IcedID
2022-01-12 14:36:15f25457885aa82374e3c250c2f89cb4ea9a4307715551e2c60618f7bd6887d52edll IcedID
2022-01-12 14:09:482775fd1fce482977acac8bf3bf7f8af4ed6c98630497317df49d7843b3a64543dll IcedID
2022-01-12 13:33:1559ac4760631f394ca1a41bc3dd7b4476fda6dcba1a8811f6190f4bab29a5f5c8dll IcedID
2022-01-12 13:18:52c149e4af0dd0c309c0ae96999eb70fed0583cc318d69f3cccf1809300843ba56dll IcedID
2022-01-12 12:39:238e66a80288d6f6ef23e1057309ab41fdfcd670dee1bd2752100488a5fb3e27bfdll IcedID
2022-01-12 11:57:3395cf4f58f7728d43b7bf60c3686db69cd465efc99609d21b417359dfb7697e3cdll IcedID
2022-01-12 11:38:17c7ab043e746c02b08e2f0f6f1957f6e5e699ddc5d263e6e52004ecb507102217dll IcedID
2022-01-12 11:29:295f6d60e0a6d16a8d4f3b3856505e73aa1e4235613e9edb2cea74f567c1583f10dll IcedID
2022-01-12 11:04:06784a4064eb633ce7eafaec660b3b9c60a20b395a1af516fe1b8bebaf9113380edll IcedID
2022-01-12 10:59:337c0990e56342e75681d975c394faf56cabd13b73f9d08cd158a96fff4fcef4a8dll IcedID
2022-01-12 10:18:52a9bca07c8e766ef6c19373f900834d168b116d325767402670ae5c232f81d46ddll IcedID
2022-01-12 10:03:41720fd64e0dd6bd4ed89e497069f3fab6c3e582ff689f87a51a8adc4e96970c8edll IcedID
2022-01-12 09:35:361e04ef3ce55c2925e2442a620b377060ee363294c4b1fef6c008ff8d6f874061dll IcedID
2022-01-12 09:05:07196533380a1caa82bba0cc7362801ed548e21f5fcd41cf041caa311ffd747d04dll IcedID