URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	www.msctahmedabad.com
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2021-02-01 16:04:06 UTC
Total malware sites :	1
A record(s) observed :	3

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2021-09-03 17:29:31	34.98.99.30	30.99.98.34.bc.googleusercontent.com	Not listed	AS396982 GOOGLE-CLOUD-PLATFORM	US	no
2021-06-26 20:09:14	216.10.248.239	bh-in-35.webhostbox.net	Not listed	AS394695 PUBLIC-DOMAIN-REGISTRY	IN	no
2021-02-01 16:04:10	216.10.241.59		Not listed	AS394695 PUBLIC-DOMAIN-REGISTRY	IN	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2021-02-01 16:04:10	https://www.msctahmedabad.com/ap7frbox.rar	Offline	Dridex	stoerchl

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2021-02-02 04:49:15	c65243e51ddff712ffe22c8251980cb60c6b4d067074abe23695d2aeb7bf99f9	dll	Dridex
2021-02-01 21:26:38	3640f528016f39c4b2fd18f140d7cac8032cdaa21647affd7e92f1b5a0705949	dll	Dridex
2021-02-01 17:45:20	feada44e845212a5d52e3e05861e296b954b7ef52b916c92967cbc5baa4f2630	dll	Dridex
2021-02-01 16:04:09	85e89192cb6620876fbd1737641340e1f5996dffd1f8f1793922121ba5c26a74	dll	Dridex