URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	workbigfinetonychuckgoodallarefinezynovaexploitgood.warzonedns.com
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2019-09-16 08:01:04 UTC
Total malware sites :	9
Online malware sites :	0 (0%)
Offline Malware sites :	9 (100%)
A record(s) observed :	1

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2019-09-16 08:01:07	23.249.165.218		Not listed	AS398880 INVESTCLOUD	US	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2019-09-20 08:17:20	http://workbigfinetonychuckgoodallarefinezynova...	Offline	exe	oppimaniac
2019-09-20 08:16:20	http://workbigfinetonychuckgoodallarefinezynova...	Offline	AgentTesla exe	oppimaniac
2019-09-19 09:40:14	http://workbigfinetonychuckgoodallarefinezynova...	Offline	exe	oppimaniac
2019-09-19 02:47:02	http://workbigfinetonychuckgoodallarefinezynova...	Offline		p5yb34m
2019-09-18 12:51:06	http://workbigfinetonychuckgoodallarefinezynova...	Offline	exe Loki	abuse_ch
2019-09-17 00:41:09	http://workbigfinetonychuckgoodallarefinezynova...	Offline	AgentTesla exe	zbetcheckin
2019-09-16 20:54:06	http://workbigfinetonychuckgoodallarefinezynova...	Offline	AgentTesla exe rat	p5yb34m
2019-09-16 18:19:05	http://workbigfinetonychuckgoodallarefinezynova...	Offline	AgentTesla	James_inthe_box
2019-09-16 08:01:07	http://workbigfinetonychuckgoodallarefinezynova...	Offline	AgentTesla keylogger	dvk01uk

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2019-09-20 08:17:18	8c9611ab9a8a8dbc44f93e6f81cb2c46ed936cdde7fb88b9410d50bde750cfb6	exe
2019-09-20 08:16:20	ef397996fc9deb852d8ac67dda8231f978eee88f38cd7947a33b7d6eb23f89b9	exe	AgentTesla
2019-09-19 09:40:14	8c9611ab9a8a8dbc44f93e6f81cb2c46ed936cdde7fb88b9410d50bde750cfb6	exe
2019-09-19 02:47:02	97b7b34e68b2f52b5301d002f9aaf643b8f8f66eeaed457931f44a93d0dafa6d	rtf
2019-09-18 12:51:06	2fa3ed2aca2f06a92d04648d04bbb1063a73e58989556037d15a49b7b17e5f70	exe	Loki
2019-09-18 12:11:52	8f01e2ad9d7495b901da4953ac3cce0e630bd62cb3fb91dcfb7c1f7f07716344	exe	AgentTesla
2019-09-18 11:52:48	8c9611ab9a8a8dbc44f93e6f81cb2c46ed936cdde7fb88b9410d50bde750cfb6	exe
2019-09-18 07:59:57	c4c27b9f0eb9404fff51a8c87896bdea4ee94ebcc20a7af3b65456f890286609	exe	AgentTesla
2019-09-17 13:33:32	420f4ecc90587a9c34f2f7f91a94f6924b711a08ccd4b303d252eef27cc7a136	exe	AgentTesla
2019-09-17 08:21:42	fcf89c2dfcfe0282f1949a517d8697454e8b3445195682ee7f0f729abe74ef7a	exe	AgentTesla
2019-09-17 08:21:40	83a0a5adabb938aa3e3f755941bd6e5c3eeaba6f3e37661982b698de637b73ac	exe	AgentTesla
2019-09-17 07:35:21	8c9611ab9a8a8dbc44f93e6f81cb2c46ed936cdde7fb88b9410d50bde750cfb6	exe
2019-09-17 00:41:09	8c78f8de678f7e2440e8e87ea5e06504aae0446f671e3bfcb6568a236df22469	exe	AgentTesla
2019-09-16 20:54:06	c4f6dd95a4ad82bfdc5c24b57e5c1a75f33ffd32901d184d4d6e103eeeefbc58	exe	AgentTesla
2019-09-16 18:19:05	81e05dab0e3269bc6b6a22446b1cd4cee1171227878dd46b636c266ab0434cd0	exe	AgentTesla
2019-09-16 08:01:07	270e56e60bab1c286c06f71fcf3b9b5a1b6b17d3acfb1f939d6b988400ddea7a	exe	AgentTesla