URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	www.sundayplanning.com
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2018-07-20 03:45:51 UTC
Total malware sites :	14
Online malware sites :	0 (0%)
Offline Malware sites :	14 (100%)
A record(s) observed :	20

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-04-27 09:14:19	104.21.50.54		Not listed	AS13335 CLOUDFLARENET	n/a	yes
2025-04-27 09:14:19	172.67.201.140		Not listed	AS13335 CLOUDFLARENET	n/a	yes
2019-07-21 06:45:39	54.95.148.24	ec2-54-95-148-24.ap-northeast-1.compute.amazonaws.com	Not listed	AS16509 AMAZON-02	JP	no
2019-07-26 04:19:36	13.114.128.73	ec2-13-114-128-73.ap-northeast-1.compute.amazonaws.com	Not listed	AS16509 AMAZON-02	JP	no
2019-07-21 06:45:39	54.248.185.239	ec2-54-248-185-239.ap-northeast-1.compute.amazonaws.com	Not listed	AS16509 AMAZON-02	JP	no
2019-04-09 18:16:58	52.198.50.41	ec2-52-198-50-41.ap-northeast-1.compute.amazonaws.com	Not listed	AS16509 AMAZON-02	JP	no
2019-04-09 18:16:58	13.114.62.150	ec2-13-114-62-150.ap-northeast-1.compute.amazonaws.com	Not listed	AS16509 AMAZON-02	JP	no
2019-04-08 18:08:44	52.196.149.188	ec2-52-196-149-188.ap-northeast-1.compute.amazonaws.com	Not listed	AS16509 AMAZON-02	JP	no
2019-04-08 18:08:44	54.65.191.22	ec2-54-65-191-22.ap-northeast-1.compute.amazonaws.com	Not listed	AS16509 AMAZON-02	JP	no
2018-10-23 06:03:55	52.194.49.69	ec2-52-194-49-69.ap-northeast-1.compute.amazonaws.com	Not listed	AS16509 AMAZON-02	JP	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2018-08-31 15:36:09	http://www.sundayplanning.com/2s	Offline	emotet exe heodo	unixronin
2018-08-24 08:33:39	http://www.sundayplanning.com/8739UIW/SWIFT/Per...	Offline	doc emotet heodo	ps66uk
2018-08-24 04:39:44	http://www.sundayplanning.com/1376TICV/SWIFT/Bu...	Offline	doc emotet heodo	Cryptolaemus1
2018-08-22 08:52:12	http://www.sundayplanning.com/1376TICV/SWIFT/Bu...	Offline	doc emotet heodo	ps66uk
2018-08-14 04:31:31	http://www.sundayplanning.com/default/US/ACCOUN...	Offline	doc emotet heodo	Cryptolaemus1
2018-08-13 17:41:56	http://www.sundayplanning.com/default/US/ACCOUN...	Offline	doc emotet heodo	unixronin
2018-08-09 10:07:07	http://www.sundayplanning.com/FLf62	Offline	emotet exe heodo	Anonymous
2018-08-07 15:38:06	http://www.sundayplanning.com/oHkM/	Offline	heodo	zbetcheckin
2018-08-07 10:05:07	http://www.sundayplanning.com/oHkM	Offline	emotet exe heodo	unixronin
2018-08-06 14:39:18	http://www.sundayplanning.com/files/DE_de/Faktu...	Offline	doc emotet heodo	Anonymous
2018-08-01 16:15:53	http://www.sundayplanning.com/files/DE_de/Faktu...	Offline	doc emotet epoch2 heodo	Cryptolaemus1
2018-07-24 05:36:46	http://www.sundayplanning.com/pdf/US/Client/Inv...	Offline	doc emotet epoch2 heodo	Cryptolaemus1
2018-07-21 08:10:40	http://www.sundayplanning.com/pdf/US/Client/Inv...	Offline	doc emotet heodo	Anonymous
2018-07-20 03:45:55	http://www.sundayplanning.com/08/sites/En_us/DO...	Offline	doc emotet epoch2 heodo	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2018-08-25 13:19:24	b8be31db3cf8fa74d86929a303a2ae714fb928211f14b777f4a63f2bd1854929	doc	Heodo
2018-08-25 08:51:50	cd2ca0dd480b0e65a97ac35cd701ff8d72fa18e1ac3a212e52659e5eaaf9c175	doc	Heodo
2018-08-02 17:19:25	0d24a0249b4a2a3fa40453f2aac7d086219f5d4f6f5a316ab857c4559d79cfb8	doc
2018-08-01 20:36:44	ddfa667a6805bf8b9216feb8df15b1590c340914d7142aa142ecb858d117ba9b	doc	Heodo
2018-08-01 16:35:44	e1e6f47f76667d41ff54aa4b94741b5a0faccc5ef1a002694b83a0816ab7722f	doc	Heodo
2018-08-01 16:15:53	207f084b0cc2eb26c4a7c680a886e3f9bd65f45eed695d504743d6bbaafa9856	doc	Heodo
2018-07-24 05:36:46	9eb5ebf4950818df9294072543535ab5bf97a9af906b2c14909a7c79445250cf	doc	Heodo
2018-07-22 07:53:00	9eb5ebf4950818df9294072543535ab5bf97a9af906b2c14909a7c79445250cf	doc	Heodo
2018-07-22 06:43:19	9997faff082088963c088eedcfe40c5490a43a26af763637a376fd7f18e0412f	doc	Heodo
2018-07-21 23:18:59	7411a3de5ed22351f99283b783d220317c83f854e4053e7bdeff393042238186	doc	Heodo
2018-07-21 20:12:58	d2ca69e25ef2e753cc9ca52aa6b9577c0adfe3ff7916b054c6172e4e232ba357	doc	Heodo
2018-07-21 15:52:50	8449b8b0faadcfab22485004ccc56e221ddf48083c8569741996115ef56452f2	doc	Heodo
2018-07-21 09:50:51	25dc7d8c8e8880651752382dd3bd8bb32d363bbc5b4d75b8f8ca91105ff4d509	doc	Heodo
2018-07-21 09:29:02	8222a199549f259a4b3d2dbb1d1258957c16ff4df0d37eab65a05891de34c091	doc	Heodo
2018-07-20 03:45:54	5da441a5129f4d0cb8ab72d45b985fb9238218eee413835e1c6d94686fad9d5d	doc	Heodo