URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | bohler-edelstahl-at.com |
|---|---|
| Spamhaus DBL : | Not blocked |
| SURBL : | Not blocked |
| Quad9 : | Status unknown |
| AdGuard : | Blocked |
| Cloudflare : | Blocked |
| ProtonDNS : | Status unknown |
| OpenBLD : | Blocked |
| DNS4EU : | Blocked |
| Control D HaGeZi : | Not blocked |
| Firstseen: | 2020-12-18 07:21:09 UTC |
| Total malware sites : | 4 |
| Online malware sites : | 0 (0%) |
| Offline Malware sites : | 4 (100%) |
| A record(s) observed : | 5 |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2021-03-18 00:49:33 | 198.54.117.197 | Not listed | AS22612 NAMECHEAP-NET |  US | no | |
| 2021-03-18 00:49:33 | 198.54.117.198 | Not listed | AS22612 NAMECHEAP-NET | US | no | |
| 2021-03-18 00:49:33 | 198.54.117.199 | Not listed | AS22612 NAMECHEAP-NET | US | no | |
| 2021-03-18 00:49:33 | 198.54.117.200 | Not listed | AS22612 NAMECHEAP-NET | US | no | |
| 2020-12-18 07:21:13 | 185.239.243.112 | ns1.20mb.nl | Not listed | AS212238 CDNEXT | US | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2021-01-03 00:29:02 | http://bohler-edelstahl-at.com/fa.exe | Offline | exe NetWire  |  zbetcheckin |
| 2020-12-22 07:32:33 | http://bohler-edelstahl-at.com/nt.bin | Offline | encrypted GuLoader NetWire |  abuse_ch |
| 2020-12-22 07:32:33 | http://bohler-edelstahl-at.com/fb.bin | Offline | encrypted Formbook GuLoader | abuse_ch |
| 2020-12-18 07:21:13 | http://bohler-edelstahl-at.com/kg.exe | Offline | AgentTesla exe | abuse_ch |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2021-01-03 00:42:05 | 6f18dd2576aa2fc3af625f18e10aeac0f57fca8be33207bc0b6a7a6ee7d33701 | exe | NetWire | |
| 2020-12-22 08:36:33 | 1546595bde1a4ee5b107d5d866a6a3cab95fd9476a29b64275721babc64ada26 | unknown | ||
| 2020-12-22 08:07:11 | 5084869f637e4a096161f12cf2022439511d0369cb1ad01ce81370c5f03cd1b9 | unknown | ||
| 2020-12-18 07:21:11 | aba6e7eb4829aa943ce897edb7d6a6c7f9c91c516098734799d646d195bbbabd | exe | AgentTesla |