URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: firstdigitalscope.gotdns.ch
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Control D HaGeZi :Not blocked
Firstseen:2021-05-24 15:59:03 UTC
Total malware sites :6
Online malware sites :0 (0%)
Offline Malware sites :6 (100%)
A record(s) observed :2

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2021-07-12 10:18:02 198.12.91.144198-12-91-144-host.colocrossing.comNot listedAS36352 AS-COLOCROSSING- USno
2021-05-24 15:59:05 192.3.13.56192-3-13-56-host.colocrossing.comNot listedAS36352 AS-COLOCROSSING- USno

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2021-07-12 13:31:09http://firstdigitalscope.gotdns.ch/new.exeOfflineexe NanoCore ext rat abuse_ch
2021-07-12 13:30:10http://firstdigitalscope.gotdns.ch/file.exeOfflineexe Loki ext abuse_ch
2021-06-01 12:33:07http://firstdigitalscope.gotdns.ch/img/mn.exeOfflineexe NanoCore ext zbetcheckin
2021-05-24 16:00:09http://firstdigitalscope.gotdns.ch/img/nd.xlsxOfflineNanoCore ext opendir xlsx abuse_ch
2021-05-24 16:00:04http://firstdigitalscope.gotdns.ch/img/kn.exeOfflineexe NanoCore ext njRAT ext opendir abuse_ch
2021-05-24 15:59:05http://firstdigitalscope.gotdns.ch/img/nd.exeOfflineexe NanoCore ext opendir rat abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2021-07-13 07:14:50df54a04599bb3953ffcf067a4308e01dafe8ac2c9064bdd3fbc3a441725a06f2exeNanoCore
2021-07-12 13:31:09797f7a2f707e179000817c0eaa3982077e6d85b8b424c91ddd999bb0b17d05feexeNanoCore
2021-07-12 13:30:10eafe9fc6128b24ef45b5be8c16ccdeef2fcd0e0918bc5509d03a753ab686a3baexeLoki
2021-06-01 12:33:0763293e2c954c974e685dcb975d009448838d0ed659719d29340b587cc89c203fexeNanoCore
2021-05-28 02:55:3363293e2c954c974e685dcb975d009448838d0ed659719d29340b587cc89c203fexeNanoCore
2021-05-27 13:39:3063293e2c954c974e685dcb975d009448838d0ed659719d29340b587cc89c203fexeNanoCore
2021-05-26 23:49:49df6dc86d7d3af52012925193704ab594844739b107f8e635dd4f46aa4aa4d5d6exeNanoCore
2021-05-26 23:11:307a13232aa6568a9f5e4aa0bbc83ff8123517abd0e69b5cbd174ca23fd290f117exeNanoCore
2021-05-26 18:48:489f96527c9f839559485e89c5c5ff8f95708035fd55c9fac0c2edf3764224d860exeNanoCore
2021-05-26 08:08:313c3b325061dbb8de4fefd93109521cca123f4e4547fcf89f6d89e1af18b0f404exeNanoCore
2021-05-26 02:37:5231cfc8878052cc5306f6b3a65b3ba4e075c50fdc79fdb278033fe622432da9c0exeNanoCore
2021-05-26 02:07:4031cfc8878052cc5306f6b3a65b3ba4e075c50fdc79fdb278033fe622432da9c0exeNanoCore
2021-05-25 08:46:26ff9199c017ca230c32cd249181b684144d7db91256c7c4e4c68e66bdf3405c1fexeNanoCore
2021-05-25 08:46:03ff9199c017ca230c32cd249181b684144d7db91256c7c4e4c68e66bdf3405c1fexeNanoCore
2021-05-25 08:15:17b34d7795e3c4dd405ccb537034c48a7744f04aacaefdb49dcb6dab7e5b1002b7exeNanoCore
2021-05-25 07:01:2581a8b1c4a242da766e6496ee0d3a4f43f5bb2cdbec9ffa4bc68d1296c20cc267unknown 
2021-05-25 06:51:568dd026a2ba09dde763b3072759134bc5cf619ed84982379a72c53f5b126f37ecexe NanoCore
2021-05-24 16:00:09d40de7ba15f0ec97bd08e16c2c8ea5c73f224e35c0ddf4d0599d0e7ea0640ae0unknownNanoCore
2021-05-24 16:00:04de030e8408071c2238466c90058165060ecc8d1c022c4817fc5e217cc5561f54exenjrat
2021-05-24 15:59:04065f50e43b6331130a7b0ac8de24f6e1df0fb00d5c101666f32f6d54e6bd9d83exeNanoCore