URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	felixuco.com
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2018-05-18 10:49:41 UTC
Total malware sites :	8
Online malware sites :	0 (0%)
Offline Malware sites :	8 (100%)
A record(s) observed :	3

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-04-27 08:48:56	178.211.133.55	com1025.raiolanetworks.es	Not listed	AS56958 RaiolaNetworks	ES	yes
2018-09-25 08:00:28	37.59.226.101		Not listed	AS16276 OVH	FR	no
2018-05-18 10:50:00	86.109.170.12	web02.dnsprimario.com	Not listed	AS196713 ABANSYS_AND_HOSTYTEC-AS	ES	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2018-06-18 15:39:09	http://felixuco.com/Payment-and-address/Invoice...	Offline	AgentTesla doc emotet epoch1 heodo	Cryptolaemus1
2018-06-15 14:44:04	http://felixuco.com/IRS-Letters-062018-02/2/	Offline	doc emotet epoch1 heodo	Cryptolaemus1
2018-06-12 13:46:06	http://felixuco.com/IRS-Tax-Transcipts-01/8/	Offline	doc emotet Formbook heodo	Cryptolaemus1
2018-06-06 21:44:09	http://felixuco.com/L850J02/	Offline	emotet heodo payload	Cryptolaemus1
2018-06-05 17:04:02	http://felixuco.com/Facturation/	Offline	doc emotet heodo	Cryptolaemus1
2018-05-31 18:40:29	http://felixuco.com/iCMlUjhB5b/	Offline	emotet exe heodo	abuse_ch
2018-05-29 16:52:09	http://felixuco.com/ups.com/WebTracking/IC-8315...	Offline	doc emotet heodo	Cryptolaemus1
2018-05-18 10:50:00	http://felixuco.com/Invoice/	Offline	doc emotet heodo	JAMESWT_MHT

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2018-06-15 20:08:12	f5e86722c4805df0eba25b8d85607fe0ea03422c9e60b5a4f6285b0027f03582	doc		Heodo
2018-06-15 14:44:04	10b4c1ae0adc1a115d3912e20347e928100ed65741b74d9430004405644c8864	doc		Heodo