URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: windowsdefenderserversecuresofficew.duckdns.org
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Status unknown
Cloudflare :Not blocked
ProtonDNS :Status unknown
OpenBLD :Blocked
DNS4EU :Blocked
Control D HaGeZi :Not blocked
Firstseen:2020-01-20 12:07:05 UTC
Total malware sites :20
Online malware sites :0 (0%)
Offline Malware sites :20 (100%)
A record(s) observed :1

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2020-01-20 12:07:05 151.80.241.110ip110.ip-151-80-241.euNot listedAS16276 OVH- FRno

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2020-01-21 18:25:07http://windowsdefenderserversecuresofficew.duck...Offlineexe Quakbot ext abuse_ch
2020-01-21 18:24:18http://windowsdefenderserversecuresofficew.duck...Offlineencrypted abuse_ch
2020-01-21 18:24:16http://windowsdefenderserversecuresofficew.duck...Offlineencrypted abuse_ch
2020-01-21 18:24:13http://windowsdefenderserversecuresofficew.duck...Offlineencrypted abuse_ch
2020-01-21 18:24:11http://windowsdefenderserversecuresofficew.duck...Offlineencrypted abuse_ch
2020-01-21 13:19:12http://windowsdefenderserversecuresofficew.duck...OfflineAgentTesla ext exe zbetcheckin
2020-01-21 13:05:42http://windowsdefenderserversecuresofficew.duck...Offlineexe zbetcheckin
2020-01-21 12:29:25http://windowsdefenderserversecuresofficew.duck...OfflineQuakbot ext JAMESWT_MHT
2020-01-21 12:29:22http://windowsdefenderserversecuresofficew.duck...Offline JAMESWT_MHT
2020-01-21 10:40:23http://windowsdefenderserversecuresofficew.duck...Offline vxvault
2020-01-21 10:40:09http://windowsdefenderserversecuresofficew.duck...OfflineFormbook ext vxvault
2020-01-21 10:39:58http://windowsdefenderserversecuresofficew.duck...OfflineFormbook ext vxvault
2020-01-21 10:39:54http://windowsdefenderserversecuresofficew.duck...OfflineFormbook ext vxvault
2020-01-20 15:43:08http://windowsdefenderserversecuresofficew.duck...Offlineexe zbetcheckin
2020-01-20 15:43:06http://windowsdefenderserversecuresofficew.duck...OfflineAgentTesla ext exe zbetcheckin
2020-01-20 15:39:04http://windowsdefenderserversecuresofficew.duck...Offlineexe zbetcheckin
2020-01-20 15:21:09http://windowsdefenderserversecuresofficew.duck...OfflineAgentTesla ext exe zbetcheckin
2020-01-20 15:16:10http://windowsdefenderserversecuresofficew.duck...Offlineexe Quakbot ext zbetcheckin
2020-01-20 15:16:06http://windowsdefenderserversecuresofficew.duck...Offlineexe zbetcheckin
2020-01-20 12:07:05http://windowsdefenderserversecuresofficew.duck...OfflineAgentTesla ext exe zbetcheckin

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2020-01-21 22:01:40fae4257852b2124bac5c6fc0ac6baa784ea400a16042eb9492c3ce2fef6338a4exe  
2020-01-21 19:39:35736330aaa3a4683d3cc866153510763351a60062a236d22b12f4fe0f10853582exeQuakbot
2020-01-21 19:39:31440af41e2ff975b4fc6f5978a70386edccb5d8bc8a5a75bccb1ffe7ec215aa2funknown  
2020-01-21 18:37:37aa032c7889bdabf75c4b47aac27eb4eb7694058be7ce83f9f8ff08cd80e71489unknown  
2020-01-21 18:37:09fb018c81d7e0d0b5dd0ec9db1955443cd8558f32863870d03b0699b6e6835baeunknown  
2020-01-21 18:24:16c63dc445d39442ed5bd48714ad87bd3e54266cf24ef974cbf6f207aecbe73256unknown  
2020-01-21 17:04:39736330aaa3a4683d3cc866153510763351a60062a236d22b12f4fe0f10853582exeQuakbot
2020-01-21 13:19:126e75f004ff8156b98aa0675eba521ff23d5799ca73dae1b1160b5bcb3491befaexe AgentTesla
2020-01-21 13:05:42232608b15bcc5273effda4a0f648e37207301e4e0a4c0b975c353c1adc366be7exe  
2020-01-21 12:29:25736330aaa3a4683d3cc866153510763351a60062a236d22b12f4fe0f10853582exeQuakbot
2020-01-21 12:29:21ea06a8e038fee1c9c90a81342a68908efeccb2441cdceba270c30f98d94baadeexe  
2020-01-21 10:40:23ca66784a5b5b235edbef6a0269603a33a605121f3d43b6549022688c35be7a36exe  
2020-01-21 10:40:09c91bcb3c77538386c666f390f2b9c5c58251fe13388c7b54542f060f89602085exe FormBook
2020-01-21 10:39:58c91bcb3c77538386c666f390f2b9c5c58251fe13388c7b54542f060f89602085exe FormBook
2020-01-21 10:39:53c91bcb3c77538386c666f390f2b9c5c58251fe13388c7b54542f060f89602085exe FormBook
2020-01-20 19:32:288d4425a354861144dda08916ab216ae3060b20a11b9439e0b1bfc2c6f8228146exe  
2020-01-20 19:32:27e0d2a37d54f4d5e9ba653477005100a796c3419d82b480a469d880c7e09658c5exe  
2020-01-20 17:15:246c04a0eed76b9e8c2588a4a5523bfd2c19c4c3f1c71ba379a4cae3e019188451exe  
2020-01-20 15:43:06f0ac70e29743f91d4706f6ce77f57c8756323d874c67f0ff256f731c582fd7f5exe AgentTesla
2020-01-20 15:21:08214d3f646fda462cbbddf935fdbba96c985d88bb6d90262b27dc938563ede4fbexe AgentTesla
2020-01-20 15:16:1000122f3b496c55c2874e09e0e7e7d71eb8118269394d7bb54338873a2616be6bexe  
2020-01-20 12:36:217b3c9e0f3e7d8531131a36a601e6432025e15a53b38752822ae1f15a45b2cca3exe AgentTesla