URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	myhostisgood.ddns.net
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Blocked
ProtonDNS :	Not blocked
OpenBLD :	Blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2021-01-18 07:34:03 UTC
Total malware sites :	2
Online malware sites :	0 (0%)
Offline Malware sites :	2 (100%)
A record(s) observed :	3

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2021-01-18 12:27:09	45.147.231.181		SBL517021	AS30823 AUROLOGIC	DE	no
2021-01-18 07:34:07	72.11.158.157	72.11.158.157.static.quadranet.com	Not listed	AS9304 HUTCHISON-AS-AP	HK	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2021-01-18 09:37:04	http://myhostisgood.ddns.net/new.exe	Offline	exe NanoCore rat remcos RemcosRAT	abuse_ch
2021-01-18 07:34:07	http://myhostisgood.ddns.net/file.exe	Offline	exe NanoCore rat	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2021-01-18 11:52:00	1c55b3c97920d56dddbc38e6ba3c5dcbc7f3072792915b51e146b3dd92b3f392	exe	NanoCore
2021-01-18 09:37:04	97c1693cc21829a1b2139d13bc9b21a47555b18d6dc8943c4804890f1ab3b25c	exe	RemcosRAT
2021-01-18 09:20:12	1c55b3c97920d56dddbc38e6ba3c5dcbc7f3072792915b51e146b3dd92b3f392	exe	NanoCore
2021-01-18 07:34:06	3513df7406eef953434f0c75bcdf33c112ee42d6f81edb1928d1e008b691d703	exe	NanoCore