URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | office365.firewall-gateway.net |
|---|---|
| Spamhaus DBL : | Not blocked |
| SURBL : | Not blocked |
| Quad9 : | Status unknown |
| AdGuard : | Not blocked |
| Cloudflare : | Blocked |
| ProtonDNS : | Status unknown |
| OpenBLD : | Not blocked |
| DNS4EU : | Blocked |
| Control D HaGeZi : | Not blocked |
| Firstseen: | 2019-11-12 12:47:02 UTC |
| Total malware sites : | 8 |
| Online malware sites : | 0 (0%) |
| Offline Malware sites : | 8 (100%) |
| A record(s) observed : | 1 |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2019-11-12 12:47:09 | 78.128.92.21 | Not listed | AS57344 TELEHOUSE-AS |  BG | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2019-11-13 01:17:06 | http://office365.firewall-gateway.net/frnk/vbc.exe | Offline | exe |  zbetcheckin |
| 2019-11-12 18:17:06 | http://office365.firewall-gateway.net/py/docume... | Offline | RTF | zbetcheckin |
| 2019-11-12 17:45:04 | http://office365.firewall-gateway.net/py/vbc.exe | Offline | exe HawkEye  | zbetcheckin |
| 2019-11-12 17:40:32 | http://office365.firewall-gateway.net/blk/svcho... | Offline | exe | zbetcheckin |
| 2019-11-12 17:33:04 | http://office365.firewall-gateway.net/work/vbc.exe | Offline | exe | zbetcheckin |
| 2019-11-12 12:48:37 | http://office365.firewall-gateway.net/angel/x.exe | Offline | exe Quakbot | oppimaniac |
| 2019-11-12 12:48:34 | http://office365.firewall-gateway.net/angel/vbs... | Offline | exe | oppimaniac |
| 2019-11-12 12:47:09 | http://office365.firewall-gateway.net/angel/vbc... | Offline | exe Formbook | oppimaniac |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2019-11-13 01:17:06 | a82db3fb9d483461aabcd209c84dcc45e0abfe9dcebcacd9ae720951bc9fff2c | exe | ||
| 2019-11-12 18:17:05 | 83241045b3bf3099fd6ca16cfbbcd7e8afa91c2613698ff3cd04b8e83075b494 | rtf | ||
| 2019-11-12 18:11:15 | 2d05691d56a0c3e063635cff16f438fb53803e675b5112829ba76ae3c3f1414d | exe | ||
| 2019-11-12 17:45:04 | ffd6843441f28a660e7b5e7ffc14ba414e9689198b3de7bd16e207f357bb56e1 | exe | HawkEye | |
| 2019-11-12 17:33:04 | e04b34c5473ba5c201b9a92c13e4decc22b7201551031466b900cc7dd0f13666 | exe | ||
| 2019-11-12 12:48:37 | 736330aaa3a4683d3cc866153510763351a60062a236d22b12f4fe0f10853582 | exe | Quakbot | |
| 2019-11-12 12:48:34 | 61a3fca53020a2f454e7934c827de162f9adc8f149d86f1efc419718f8be38f6 | exe | ||
| 2019-11-12 12:47:04 | 99979b3ce1e80f50c93dcdc659886f982f9e5e154ccaf5cfb8341e451f1227bd | exe | FormBook |