URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	sfghfsfjskdjkdfbvndcnfjskaklwrrfw.ydns.eu
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Blocked
AdGuard :	Blocked
Cloudflare :	Not blocked
ProtonDNS :	Blocked
OpenBLD :	Blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2021-02-03 07:36:03 UTC
Total malware sites :	7
Online malware sites :	0 (0%)
Offline Malware sites :	7 (100%)
A record(s) observed :	2

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2021-02-03 16:23:06	84.38.135.136	ip-135-136.dataclub.info	Not listed	AS52048 RixHost	LV	yes
2021-02-03 07:36:05	46.183.220.125	ip-220-125.dataclub.info	Not listed	AS52048 RixHost	LV	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2021-02-03 16:29:08	http://sfghfsfjskdjkdfbvndcnfjskaklwrrfw.ydns.e...	Offline	exe NanoCore rat	abuse_ch
2021-02-03 16:23:06	http://sfghfsfjskdjkdfbvndcnfjskaklwrrfw.ydns.e...	Offline	exe rat RemcosRAT	abuse_ch
2021-02-03 07:41:05	http://sfghfsfjskdjkdfbvndcnfjskaklwrrfw.ydns.e...	Offline	exe heodo RemcosRAT	abuse_ch
2021-02-03 07:40:04	http://sfghfsfjskdjkdfbvndcnfjskaklwrrfw.ydns.e...	Offline	exe heodo rat RemcosRAT	abuse_ch
2021-02-03 07:40:04	http://sfghfsfjskdjkdfbvndcnfjskaklwrrfw.ydns.e...	Offline	exe heodo	abuse_ch
2021-02-03 07:36:08	http://sfghfsfjskdjkdfbvndcnfjskaklwrrfw.ydns.e...	Offline	exe heodo NanoCore rat	abuse_ch
2021-02-03 07:36:05	http://sfghfsfjskdjkdfbvndcnfjskaklwrrfw.ydns.e...	Offline	exe heodo NanoCore rat	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2021-02-04 05:19:40	e4adb71e14abbd1610c98487a1cedb9b35b6e219b4a33efdf9dbcf23aae47197	exe	RemcosRAT
2021-02-04 00:41:11	0aae2bace47fd4233b42b2ee714d5f46a05fc2970928131c28573d9fbd876552	exe	RemcosRAT
2021-02-03 16:29:08	0b3279dcdbdc13a5025cec008353d4c7be4eb0d7722cd6d5767ee077ffb443e3	exe	NanoCore
2021-02-03 16:23:06	33b25ae8a09b3249f6f5a9971d563933e88d20dca6f2b761c308783e164de492	exe	RemcosRAT
2021-02-03 09:09:06	cc572924992910c6b6e28c7f616effa77dbbf8f6e1baeeb69a316277367589f5	exe	NanoCore
2021-02-03 08:13:05	c87726a3821a33019e9ceb54f3e5b87f6bca8d245577c7edfcc97551c3029c51	exe	Heodo
2021-02-03 08:09:41	dc1ad88c7352bb3eda02430081568f4a3adc15c33162af5fabe076e751583daf	exe	Heodo
2021-02-03 08:07:41	f9d5539d635a8bd563be1ca487341ce2ffa1c831772348510d164fa4e9aa77bc	exe	Heodo
2021-02-03 08:04:15	ad12802f6eca0261a8a86f495b594e9768516b607f1f2bb58985cab1856eaed0	exe	Heodo
2021-02-03 08:00:59	a26c6b765a7d3d6ca6dff6687bad6445fa9d7d82dfd88f432f883a3e259efac9	exe	Heodo
2021-02-03 07:41:05	9b91ccd7158599ea4cb5e71315d9e4ed38e326910e5a896caf7ed2cf8ed87016	exe	RemcosRAT
2021-02-03 07:40:04	9efd6319b183374d5ad3c3e9d5c52bd47827b72b482b0706898f7325ee699a6d	exe	RemcosRAT
2021-02-03 07:40:04	6171a96b1600c28873b6e30bef503f88f08c9a67c5444137be236bae2defaf71	exe	Heodo
2021-02-03 07:36:08	1c11ae71070f0d464e20f92b83a0e029dde16271703c329314c78423bcbe8b70	exe	NanoCore
2021-02-03 07:36:05	f7c779d5d3483c74f637ad8275802bacd163c29f25ac25cd57c1df7efa98d278	exe	NanoCore