URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name). This page shows all malware URLs that are associated with the host lineageforum.ru.

Database Entry


Host: lineageforum.ru
Spamhaus DBL :Not listed
SURBL :Not listed
Quad9 :Blocked
AdGuard :Not blocked
Firstseen:2019-01-16 01:01:29 UTC
Malware URLs:4
A records observed:3

IP addresses


The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2019-09-12 07:04:53 109.70.26.37expirepages-kiae-1.nic.ruNot listedAS48287 RU-CENTER- RUno
2019-09-12 07:04:53 194.85.61.76expirepages-kiae-2.nic.ruSBL466479AS48287 RU-CENTER- RUno
2019-01-16 01:01:32 83.137.50.20083.137.50.200.svnet.ruNot listedAS31415 SVSCOMM-AS- RUyes

Malware URLs


The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2019-01-25 03:22:05http://lineageforum.ru/slEq-xeE0_fr-EX/COMET/SIGNS/PAYMEN...Offlineemotet ext epoch2 heodo ext @Cryptolaemus1
2019-01-24 01:07:05http://lineageforum.ru/lLFft-ElDzH_gdqCXTGsj-S6A/INVOICE/...Offlinedoc emotet ext epoch2 heodo ext @Cryptolaemus1
2019-01-18 03:52:28http://lineageforum.ru/DE_de/PODMLRTCUW7550065/Rechnungs/...Offlinedoc emotet ext epoch2 heodo ext @Cryptolaemus1
2019-01-16 01:01:32http://lineageforum.ru/DE_de/YCLOXMQYD3571481/Rechnung/FORM/Offlineemotet ext epoch2 heodo ext @Cryptolaemus1