URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	honeysposecurityfileexchangeservice.duckdns.org
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2020-06-03 07:27:02 UTC
Total malware sites :	10
Online malware sites :	0 (0%)
Offline Malware sites :	10 (100%)
A record(s) observed :	2

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2020-06-03 17:36:02	192.169.69.25	sinkhole.hyas.com	Not listed	AS27323 SERVERSTADIUM	US	yes
2020-06-03 07:27:05	107.173.219.40	107-173-219-40-host.colocrossing.com	Not listed	AS36352 AS-COLOCROSSING	US	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2020-06-03 09:40:26	http://honeysposecurityfileexchangeservice.duck...	Offline	AgentTesla exe	zbetcheckin
2020-06-03 09:25:15	http://honeysposecurityfileexchangeservice.duck...	Offline	RTF	zbetcheckin
2020-06-03 07:27:28	http://honeysposecurityfileexchangeservice.duck...	Offline	doc opendir	0x3c7
2020-06-03 07:27:26	http://honeysposecurityfileexchangeservice.duck...	Offline	doc opendir	0x3c7
2020-06-03 07:27:24	http://honeysposecurityfileexchangeservice.duck...	Offline	doc opendir	0x3c7
2020-06-03 07:27:21	http://honeysposecurityfileexchangeservice.duck...	Offline	exe opendir Quakbot	0x3c7
2020-06-03 07:27:16	http://honeysposecurityfileexchangeservice.duck...	Offline	exe AgentTesla opendir	0x3c7
2020-06-03 07:27:12	http://honeysposecurityfileexchangeservice.duck...	Offline	exe opendir RemcosRAT	0x3c7
2020-06-03 07:27:08	http://honeysposecurityfileexchangeservice.duck...	Offline	exe GuLoader opendir	0x3c7
2020-06-03 07:27:05	http://honeysposecurityfileexchangeservice.duck...	Offline	AgentTesla exe opendir	0x3c7

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2020-06-03 09:40:27	ab16bb404c41a68072c1452e4de8c820a653d5b583aa227432b60be71eecbca7	exe	AgentTesla
2020-06-03 09:36:36	a0aef6c6a4a874e086022af3f90f30c583b1b7afac099917d3cde73ede726481	rtf
2020-06-03 08:04:24	abad8749dba32cc79e2cde946d44bffede031f10a89d8a73331bef2ec807ded8	rtf
2020-06-03 07:38:14	197a55bb96ac1671d454da1a9590181fca39c39f4a88cc72f4fe50b6ef5ef796	rtf
2020-06-03 07:27:24	8b485478bd585b1ee0d3b17c21210a90e3c940f0c4ed029b61ef69fa9f8b49fe	rtf
2020-06-03 07:27:21	736330aaa3a4683d3cc866153510763351a60062a236d22b12f4fe0f10853582	exe	Quakbot
2020-06-03 07:27:16	4822e8047138172c21ab1503cf4a40db06a03a6f547bc72ad0f5fe736d365954	exe	AgentTesla
2020-06-03 07:27:12	ec4b8a8c2223163d74c1c9b97e26889074e995beea8e9a78ba3a8a430fde7bd0	exe	RemcosRAT
2020-06-03 07:27:08	5f55b8d8191c4701fb0a4c44245d8ffa387c74ef7a5a68267104a614defb3d07	exe	GuLoader
2020-06-03 07:27:05	4a4fe9ccfc1fcd85080b7ba8c53325466e06bb5a0b5fc29a05a87c5515504b0a	exe	AgentTesla