URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (when the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry


Host: windowsdefenderserversecuresofficeiq.duckdns.org
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Blocked
AdGuard: Blocked
Cloudflare: Not blocked
ProtonDNS: Blocked
OpenBLD: Blocked
DNS4EU: Blocked
Control D HaGeZi: Not blocked
Firstseen: 2020-01-22 10:17:19 UTC
Total malware sites: 29
Online malware sites: 0 (0%)
Offline malware sites: 29 (100%)
A record(s) observed: 2

IP addresses


The table below shows all IP addresses observed for this particular host (if the host is a domain name, all A records are listed, including all historical ones). Please note that the output is limited to 10 entries.

| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2020-01-23 20:41:50 | 192.169.69.25 | sinkhole.hyas.com | Not listed | AS27323 SERVERSTADIUM | US | yes |
| 2020-01-22 10:17:23 | 151.80.241.110 | ip110.ip-151-80-241.eu | Not listed | AS16276 OVH | FR | no |

Malware URLs


The table below shows all malware URLs that are associated with this particular host.

| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2020-01-23 17:51:38 | http://windowsdefenderserversecuresofficeiq.duc... | Offline | exe Quakbot | oppimaniac |
| 2020-01-23 17:51:24 | http://windowsdefenderserversecuresofficeiq.duc... | Offline | AgentTesla exe | oppimaniac |
| 2020-01-23 17:51:16 | http://windowsdefenderserversecuresofficeiq.duc... | Offline | exe Quakbot | oppimaniac |
| 2020-01-23 17:50:27 | http://windowsdefenderserversecuresofficeiq.duc... | Offline | exe Quakbot | oppimaniac |
| 2020-01-23 17:50:01 | http://windowsdefenderserversecuresofficeiq.duc... | Offline | exe Quakbot | oppimaniac |
| 2020-01-23 17:49:33 | http://windowsdefenderserversecuresofficeiq.duc... | Offline | emotet exe heodo | oppimaniac |
| 2020-01-23 17:49:28 | http://windowsdefenderserversecuresofficeiq.duc... | Offline | emotet exe heodo | oppimaniac |
| 2020-01-23 17:49:23 | http://windowsdefenderserversecuresofficeiq.duc... | Offline | emotet exe heodo | oppimaniac |
| 2020-01-23 12:35:11 | http://windowsdefenderserversecuresofficeiq.duc... | Offline | Formbook | emilstahl |
| 2020-01-23 10:57:07 | http://windowsdefenderserversecuresofficeiq.duc... | Offline | AgentTesla exe | oppimaniac |
| 2020-01-22 12:12:47 | http://windowsdefenderserversecuresofficeiq.duc... | Offline | vbs | oppimaniac |
| 2020-01-22 12:12:45 | http://windowsdefenderserversecuresofficeiq.duc... | Offline | vbs | oppimaniac |
| 2020-01-22 12:12:44 | http://windowsdefenderserversecuresofficeiq.duc... | Offline | exe Quakbot | oppimaniac |
| 2020-01-22 12:12:41 | http://windowsdefenderserversecuresofficeiq.duc... | Offline | exe | oppimaniac |
| 2020-01-22 12:12:38 | http://windowsdefenderserversecuresofficeiq.duc... | Offline | AgentTesla exe | oppimaniac |
| 2020-01-22 12:12:32 | http://windowsdefenderserversecuresofficeiq.duc... | Offline | vbs | oppimaniac |
| 2020-01-22 12:12:31 | http://windowsdefenderserversecuresofficeiq.duc... | Offline | vbs | oppimaniac |
| 2020-01-22 12:12:22 | http://windowsdefenderserversecuresofficeiq.duc... | Offline | exe | oppimaniac |
| 2020-01-22 12:12:19 | http://windowsdefenderserversecuresofficeiq.duc... | Offline | exe | oppimaniac |
| 2020-01-22 12:12:13 | http://windowsdefenderserversecuresofficeiq.duc... | Offline | AgentTesla exe | oppimaniac |
| 2020-01-22 12:10:54 | http://windowsdefenderserversecuresofficeiq.duc... | Offline | exe | oppimaniac |
| 2020-01-22 12:10:39 | http://windowsdefenderserversecuresofficeiq.duc... | Offline | exe | oppimaniac |
| 2020-01-22 12:10:22 | http://windowsdefenderserversecuresofficeiq.duc... | Offline | AgentTesla exe | oppimaniac |
| 2020-01-22 12:09:23 | http://windowsdefenderserversecuresofficeiq.duc... | Offline | exe Quakbot | oppimaniac |
| 2020-01-22 12:08:09 | http://windowsdefenderserversecuresofficeiq.duc... | Offline | exe Quakbot | oppimaniac |
| 2020-01-22 12:07:22 | http://windowsdefenderserversecuresofficeiq.duc... | Offline | exe Quakbot | oppimaniac |
| 2020-01-22 12:05:20 | http://windowsdefenderserversecuresofficeiq.duc... | Offline | exe | oppimaniac |
| 2020-01-22 11:22:40 | http://windowsdefenderserversecuresofficeiq.duc... | Offline | AgentTesla exe | zbetcheckin |
| 2020-01-22 10:17:23 | http://windowsdefenderserversecuresofficeiq.duc... | Offline | AgentTesla | vxvault |

The table below shows recent payloads delivered by this host.
