URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name). This page shows all malware URLs that are associated with the host mozillamaintenanceservice.duckdns.org.

Database Entry


Host:mozillamaintenanceservice.duckdns.org
Spamhaus DBL:Abused domain (malware)
SURBL:Blacklisted
Firstseen:2019-01-31 16:13:03

IP addresses


The table below shows all IP address obsered for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones).

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2019-01-31 16:13:11181.52.101.218static-ip-cr181520101218.cable.net.coNot listedAS10620 Telmex Colombia S.A.- COyes

Malware URLs


The table below shows all malware URLs that are associated with this particulare host.

Dateadded (UTC)URLStatusTagsGSBReporter
2019-01-31 16:13:22http://mozillamaintenanceservice.duckdns.org:8379/is-send...Offlinebladabindi dunhi exe Imminent Loader njRAT payload rat remcos Clean@shotgunner101
2019-01-31 16:13:20http://mozillamaintenanceservice.duckdns.org:8379/is-send...Offlinebladabindi dunhi exe Imminent Loader njRAT payload rat remcos Clean@shotgunner101
2019-01-31 16:13:17http://mozillamaintenanceservice.duckdns.org:8379/is-send...Offlinebladabindi dunhi exe Imminent ImminentRAT Loader njRAT payload rat remcos Clean@shotgunner101
2019-01-31 16:13:14http://mozillamaintenanceservice.duckdns.org:8379/is-send...Offlinebladabindi dunhi exe Imminent Loader njRAT payload rat remcos Clean@shotgunner101
2019-01-31 16:13:11http://mozillamaintenanceservice.duckdns.org:8379/is-send...Offlinebladabindi dunhi exe Imminent Loader njRAT payload rat remcos Clean@shotgunner101