URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	mainlis.pt
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2018-06-27 04:03:02 UTC
Total malware sites :	16
Online malware sites :	0 (0%)
Offline Malware sites :	16 (100%)
A record(s) observed :	2

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2018-11-30 14:03:30	130.185.87.137	cp1.webserver.pt	Not listed	AS24768 ALMOUROLTEC	PT	no
2018-06-27 04:03:04	130.185.84.61	manager2cp1.webserver.pt	Not listed	AS24768 ALMOUROLTEC	PT	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2018-11-19 19:53:50	http://mainlis.pt/default/US/Address-and-paymen...	Offline	emotet heodo	cocaman
2018-10-04 08:16:28	http://mainlis.pt/newsletter/En/Invoices-Overdue	Offline	doc emotet heodo	unixronin
2018-10-02 11:01:16	http://mainlis.pt/doc/En/Inv-375448-PO-5K520813	Offline	doc emotet heodo	unixronin
2018-09-04 10:36:08	http://mainlis.pt/0f9WStspZ	Offline	emotet exe heodo	Anonymous
2018-08-30 14:05:19	http://mainlis.pt/ZfpsEep/	Offline	heodo	JayTHL
2018-08-30 10:57:07	http://mainlis.pt/ZfpsEep	Offline	emotet exe heodo	ps66uk
2018-08-22 08:50:42	http://mainlis.pt/98440MV/biz/Business	Offline	doc emotet	ps66uk
2018-08-07 00:58:11	http://mainlis.pt/default/US/Address-and-paymen...	Offline	doc emotet	Cryptolaemus1
2018-07-26 03:55:12	http://mainlis.pt/Tracking/En_us/	Offline	doc emotet epoch2	Cryptolaemus1
2018-07-19 18:33:10	http://mainlis.pt/files/US/Client/INV91544705432/	Offline	emotet heodo	JayTHL
2018-07-19 17:29:07	http://mainlis.pt/files/US/Client/INV91544705432	Offline	doc emotet heodo	p5yb34m
2018-07-14 02:58:56	http://mainlis.pt/newsletter/En/INVOICE-STATUS/...	Offline	doc emotet epoch2 heodo	Cryptolaemus1
2018-06-30 06:08:33	http://mainlis.pt/Facturas-56	Offline	emotet heodo	p5yb34m
2018-06-30 06:08:31	http://mainlis.pt/Factura-23/74	Offline	emotet heodo	p5yb34m
2018-06-28 23:03:41	http://mainlis.pt/Facturas-56/	Offline	doc emotet heodo	Anonymous
2018-06-27 04:03:04	http://mainlis.pt/Factura-23/74/	Offline	doc emotet epoch1 heodo	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2018-10-05 11:16:18	14ab848a21e4370cbecb5bce9b9233d37aa0d9a02dd7e3aa32fb1ccdf052b07c	doc	Heodo
2018-07-20 04:55:42	180fd095fac220876a81b870f81af36d1a4b15b7cee4327354e4a06301032f1e	doc	Heodo
2018-07-20 04:52:40	180fd095fac220876a81b870f81af36d1a4b15b7cee4327354e4a06301032f1e	doc	Heodo
2018-07-15 09:19:09	c9e30d2ed8bff5da98238bac6465ec87788f9a6fab6ba789c1ab9051881ff1d0	doc	Heodo
2018-06-30 07:18:58	027c6eff88fad90897f116eb96b21980bdf0d89f36f72df4960726e3334331c6	doc	Heodo
2018-06-30 07:10:50	027c6eff88fad90897f116eb96b21980bdf0d89f36f72df4960726e3334331c6	doc	Heodo