URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	wsdyshgshgnationalobjindustrialatwsvak.ydns.eu
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2020-11-18 07:26:02 UTC
Total malware sites :	1
A record(s) observed :	2

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-04-27 16:42:03	198.66.54.2		Not listed	AS6079 RCN-AS	US	yes
2020-11-18 07:26:07	103.125.191.187		Not listed	AS135905 VNPT-AS-VN	VN	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2020-11-18 07:26:07	http://wsdyshgshgnationalobjindustrialatwsvak.y...	Offline	exe Loki opendir	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2020-11-19 11:01:36	a2155d331f79392f73448f46365f934013342366c972e51eee833bb655605da5	exe	Loki
2020-11-19 02:31:42	e3c55b40401cf1c56422d3df222ff2962cb110dd528f715b4c9a95179c4f9840	exe	Loki
2020-11-18 21:15:31	add6098978fb4c511d57cf351d6cacd9a50e1a1958e673a1fada4ecf753df51e	exe	Loki
2020-11-18 07:26:07	db4020db7c3b681006188cd154cbe5bb28041312b8abe6ce65133a9d3db40bdb	exe	Loki