URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | gelrstyysayt.net |
|---|---|
| Spamhaus DBL : | Not blocked |
| SURBL : | Not blocked |
| Quad9 : | Status unknown |
| AdGuard : | Not blocked |
| Cloudflare : | Blocked |
| ProtonDNS : | Status unknown |
| OpenBLD : | Not blocked |
| DNS4EU : | Blocked |
| Control D HaGeZi : | Not blocked |
| Firstseen: | 2020-11-04 08:30:04 UTC |
| Total malware sites : | 4 |
| Online malware sites : | 0 (0%) |
| Offline Malware sites : | 4 (100%) |
| A record(s) observed : | 4 |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2020-11-25 08:57:30 | 185.178.208.189 | ddos-guard.net | Not listed | AS57724 DDOS-GUARD |  RU | no |
| 2020-11-04 08:30:06 | 172.67.158.111 | Not listed | AS13335 CLOUDFLARENET | n/a | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2020-11-24 08:17:08 | http://gelrstyysayt.net/hnc.exe | Offline | gelrstyysayt_net ParallaxRAT  |  JAMESWT_MHT |
| 2020-11-24 08:17:05 | http://gelrstyysayt.net/cli.exe | Offline | gelrstyysayt_net | JAMESWT_MHT |
| 2020-11-24 08:17:05 | http://gelrstyysayt.net/vid.exe | Offline | ArkeiStealer gelrstyysayt_net | JAMESWT_MHT |
| 2020-11-04 08:30:07 | http://gelrstyysayt.net/test.exe | Offline | JAMESWT_MHT |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2020-11-25 08:57:30 | 53aa433c101f4bf08e503a323146bb67665931a9cf89915d238e80018dcc7d1e | exe | ArkeiStealer | |
| 2020-11-24 08:17:08 | b2f7094f521419809d946a68870b02bdd3a928c5a4d57ccdaea3b8f49bb96151 | exe | ParallaxRAT | |
| 2020-11-24 08:17:05 | d9d1a29e428b70152ea7e0977e3dbcea1b1f046a9f903d0df61dc65d7da6cdfb | exe | ||
| 2020-11-24 08:17:05 | 9a5e8b3e5929b50b2ac4c44587fb01153ad9377681c3ca5c2dfee11830a2caec | exe | ArkeiStealer | |
| 2020-11-04 08:30:06 | d9f117fe6e61f896f07f9e03cb598ad4679ce891e764f0a1ee05307546bc7679 | exe |