URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	stdyzgchgcloudgostgt.dns.army
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2021-03-29 06:27:02 UTC
Total malware sites :	1
A record(s) observed :	1

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2021-03-29 06:27:05	103.141.138.132		Not listed	AS135905 VNPT-AS-VN	VN	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2021-03-29 06:27:05	http://stdyzgchgcloudgostgt.dns.army/zgcdoc/win...	Offline	exe Formbook opendir	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2021-03-31 05:52:20	db1a8d7d27c500facb7e8e5c30ff3c9d901c51a550ebdad36e741d518b628c30	exe	Formbook
2021-03-31 03:43:47	5755f598a66b494a7692bfefd7ff348d7d1d8ae6fdd7e799bdfe7f6cbf642c33	exe	Formbook
2021-03-31 01:10:08	c0f11b7c60225d6f758096db00ac2a64ab9613c3ae909f7fc49e70631dceb4b5	exe	Formbook
2021-03-30 04:47:07	cf993c713cfe3b22bd4978530f420e2dc54c38d106ad5fc5a9aacb1e377b81e2	exe	Formbook
2021-03-30 04:35:34	6fac6e1f7f8cdd8cec52b2dd7a23fd434084c7d12ef0f04deaa52794d3612ef7	exe	Formbook
2021-03-29 21:21:41	993b6766e9dc3b8a73be0756a6053da8c24e1148783c584299a5bfe2f7daba77	exe	Formbook
2021-03-29 06:27:05	a3d951fa76fbb0f24540b97767e2d327b9bdb2e6e93721cb3da4ac5370118dbc	exe	Formbook