URLhaus Database

You are currently viewing the URLhaus database entry for https://civilwarhomestead.com/to/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry


ID: 2650431
URL: https://civilwarhomestead.com/to/
URL Status: Offline
Host: civilwarhomestead.com
Date added: 2023-06-02 15:37:43 UTC
Last online: 2023-06-05 04:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2023-06-02 15:40:33 UTC to abuse{at}hostgator[dot]com)
Takedown time: 2 days, 12 hours, 27 minutes (Poor; down since 2023-06-05 04:07:55 UTC)
Tags: BB30, geofenced, js, Qakbot, link, TR, USA, zip

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

First seen | Filename | File Type | Payload (SHA256) | VT | Bazaar | Signature
--- | --- | --- | --- | --- | --- | ---
2023-06-04 | document_E539_Jun_2.zip | zip | ad3a08cd4292cc1144ca04bef820344cb9f1f01ef82b08e0c02cb160f6d35776 | n/a | |
2023-06-04 | document_B437_Jun_2.zip | zip | ae91586de9ec5b760226434fc11ed55f7f06427be4b2651c36a922239de3064f | n/a | |
2023-06-03 | document_C798_Jun_2.zip | zip | bfd3c4f6d4cbb49f598a3c0d4864af959140b75f470dd901714b3667eb3c25d3 | Virustotal results 27.42% | |
2023-06-03 | document_C254_Jun_2.zip | zip | a3a3a4e5254f590b161bfcbf65c18b3377db898a07b8fe4dbdfdd57509dfdb73 | Virustotal results 24.19% | |
2023-06-02 | document_B768_Jun_2.zip | zip | 86b82c1586b14f7929252ad2229bce46e2109ae7368d6eb742d68fc680778187 | n/a | |
2023-06-02 | document_A096_Jun_2.zip | zip | 263f608450de434c9608d8fbc9df4a94dfb89f266eb29f65b98f3384b6fad77f | n/a | |