URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	www.thecitizensforum.org
Domain registrar:	GoDaddy
Domain registration date:	2020-06-18 16:58:26 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2020-10-21 19:16:03 UTC
Total malware sites :	1
A record(s) observed :	5

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2021-01-15 12:44:37	104.21.53.5		Not listed	AS13335 CLOUDFLARENET	n/a	no
2021-01-02 06:04:25	172.67.206.201		Not listed	AS13335 CLOUDFLARENET	n/a	no
2020-10-21 19:16:09	198.20.110.112	vm998.tmdcloud.eu	Not listed	AS32475 SINGLEHOP-LLC	NL	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2020-10-21 19:16:09	https://www.thecitizensforum.org/cgi-bin/kU/	Offline	emotet epoch2 exe heodo	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2020-10-22 13:09:22	8d20833d6f09b807d28f6954f53cd452349f4c2a05381a36aad31b931f5b7c24	exe		Heodo
2020-10-22 12:57:17	94c55f6053207827d6f0f995d66df470f205941f16a30a03339e9186c632e532	exe		Heodo
2020-10-22 12:16:49	7b1ceeeea2976e3961efa63bc29e41bbf52ed5df72eea44bf188d6f92ae99ab4	exe		Heodo
2020-10-22 11:47:39	5617d61a3c348d894b45ddff9907382ac13f1cd65b19a1d4b95b8b5bc82a36c1	exe		Heodo
2020-10-22 11:23:26	df5ff8038391cfce3e6f56807b2c22e8d39186f5559073a2593863ee04be9698	exe		Heodo
2020-10-22 10:54:01	451cf9341fcb0e5caaa246dd770cdc0ba57dc232e0704667a6414a7786425b34	exe		Heodo
2020-10-22 10:32:37	f7552ba24b881d5276b82a7948d0fcf2e970f61545575a6bc02160b9c7591d80	exe		Heodo
2020-10-22 10:11:56	8c26c718029838202cc0b738db1bf609be7b7b7c2a046d45a001cfa5a9266440	exe		Heodo
2020-10-22 09:34:53	0caadf38a96b0206aea5cd9dd74f573646accd141d8ec751907232f25db073dd	exe		Heodo
2020-10-22 09:15:18	6f0a70be736930aeab087a8ed3d9dac301a70d2ca1c0d6f3ef5c999706cf1ee2	exe		Heodo
2020-10-22 09:08:38	c84828bbb0b8abe4ad979c3ea83f26f1068bb178bea14418a075848995aaf4e4	exe		Heodo
2020-10-22 08:52:19	773c8eef3c1ba0fb09fe09ca5fc5fac04963aa106184ef24300b973146b8811e	exe		Heodo
2020-10-22 08:17:10	c9829481fbdcbf8d6cace24ebbfb02824652bb797d5ec7189ecb62e2aba983f4	exe		Heodo
2020-10-22 07:50:08	da85edd2a352adf744965b40eb6c42ef65576ec01a208920191a875583c56e9e	exe		Heodo
2020-10-22 07:31:46	1dc9e996fdb53053362d7f56ea864df0604cd28dd59bfedfca24afe81c684c1a	exe		Heodo
2020-10-22 07:02:25	63ea1fe69b9bfe1666ab0e92c23564ce7c9c3a22ee9b890e7c9ee959535b8cf4	exe		Heodo
2020-10-22 06:29:22	30029a5235b85de79d7d3e30fbd9b5082c6f11f309566dd945c01032befe08da	exe		Heodo
2020-10-22 05:58:19	ca3f13e7c6b7d1c35b4b223e3a9276f980564231364fe9d819650ef42da609fc	exe		Heodo
2020-10-22 05:32:17	5279e71028ffcd0d19d3b7ce88d04c5bcd7b4a509fb268e948692f5dedc7403e	exe		Heodo
2020-10-22 05:05:00	203b9c95d1380f33739c32400d754bf465e866c787488af5b242bd3be49ba765	exe		Heodo
2020-10-22 04:25:29	47547e1b7f156c1018d89ee9109087e86e35ed5d117cb312c1fab0f24ad1ce8d	exe		Heodo
2020-10-22 04:15:48	85c544b906c584e1c61dfe06f2e1f436f9c7a11a319bbee2075746b14589d53c	exe		Heodo
2020-10-22 03:51:34	941d0286fca03773792dc07b237d37163736d48ad7bee0a4155a7c6f2af54c8e	exe		Heodo
2020-10-22 03:12:55	b6226d956555926f6377348e76f43bf4b93b2c02bba6731f594032948c4dad91	exe		Heodo
2020-10-22 03:06:48	26df5788f01298c69d460375752a37132a323ce43744bd4e6df002c9594d6e03	exe		Heodo
2020-10-22 02:33:51	f2f1102a14963b9e6d8a7a7644f9d20385626f9ca2531c458f564fe0c8ef6df5	exe		Heodo
2020-10-22 02:00:39	1998d09958e2d175ed028ce07d3b0a11b71bfe925742254a7452a51c5ac36c53	exe		Heodo
2020-10-22 01:27:15	4fa4ee129928a6d2c02083f8642173884cc8b7014f5a168b320ce60ebe118fdd	exe		Heodo
2020-10-22 00:47:03	9ecc57eabefa226e013bdba267d1aca65afd1bade44fa007d3c8e2c0648fdb1f	exe		Heodo
2020-10-22 00:14:36	b429e322bf9671c40cc4ac9880f1fb1c35510801d09d9b1cb9624043f1320973	exe		Heodo
2020-10-21 23:53:29	a869608a76c690921e78b32be42044f6be755540d59b77059c6fc97997ea2cff	exe		Heodo
2020-10-21 23:26:46	f4599763c39220ad836e00b585b037055b21fd8a260353a8b63e4198967addcd	exe		Heodo
2020-10-21 22:36:33	5b6601633e79e07d5b5e60197c692b21d900dec2be9a6347a8c70571c4d3e6f1	exe		Heodo
2020-10-21 22:07:08	9db12256c4fee0827cdfa22d4a281011bd0f3c0e416905e62a98860d0e942594	exe		Heodo
2020-10-21 21:40:19	8b79adaba3c95aeaa1801ded27d7d5dc2872a495e71878a8e608d4b519eeba0f	exe		Heodo
2020-10-21 21:12:29	bf5162db1c41d37c034831abf1f01c7a63b7cb427537f7191eba8a88b3133621	exe		Heodo
2020-10-21 20:52:48	8767ae6ce24adc902259cbbe9c773358fd72106480a8c79befa9a45aaa750443	exe		Heodo
2020-10-21 20:20:18	669d530337bbe99dee3b94ea9c37311b5d1c3307f8f5e8cd2315f7ea2882f2d1	exe		Heodo
2020-10-21 19:46:18	a08a9e88b6006d574fa7d0cb2e060092ecf48cc92e2d87d9cc0ed8e850043d73	exe		Heodo
2020-10-21 19:16:09	fc35c7d65b14268807a9770e1a8e0f8e69e952b6e5d85251f03561b8866e00b3	exe		Heodo