URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	amvd.org.mx
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2020-09-30 11:08:06 UTC
Total malware sites :	1
A record(s) observed :	2

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-04-27 14:55:49	195.250.27.158	pl4307.mex1.stableserver.net	Not listed	AS211126 WHG-MEX	MX	yes
2020-09-30 11:08:09	68.183.167.43	dos2r1083.servwingu.mx	Not listed	AS14061 DIGITALOCEAN-ASN	US	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2020-09-30 11:08:09	https://amvd.org.mx/old_site_backup/submenu02/e...	Offline	doc emotet epoch2 heodo	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2020-09-30 13:00:31	54f93880d0f4c65aaa29acd1dff0cb761aa8dc7388f96435e8c55ead32b30dfe	doc	Heodo
2020-09-30 12:29:06	25ea63c6b2b40a9e3cd16e7ff7bef353fc6d0a0d87b8a661aebc9e377439f8ef	doc	Heodo
2020-09-30 12:07:28	d206f9b0e7b447444d1f5d592716186fac89b660509dc88efa51a5701e795a77	doc	Heodo
2020-09-30 11:36:41	1d5daccb3ffdca9e417370c654eefb0f6a0b2c3de51d7ca751c676d623cd57bc	doc	Heodo
2020-09-30 11:25:44	e7a2c5f70735aa280cf5aeca7377be7974e8c56d30e0d263086d484657e21d55	doc	Heodo
2020-09-30 11:08:09	cdc88da9dc92cd4bbf8e6de747dd552a54b99dce8dfc68b79373710fc7938e52	doc	Heodo