URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	reader.euskadigital.eus
Domain registrar:	10dencehispahard
Domain registration date:	2017-03-14 11:39:13 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2022-01-18 13:51:03 UTC
Total malware sites :	2
Online malware sites :	0 (0%)
Offline Malware sites :	2 (100%)
A record(s) observed :	14

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2023-03-01 11:16:28	79.116.152.58	79-116-152-58.digimobil.es	Not listed	AS57269 DIGISPAINTELECOM	ES	no
2023-01-05 02:27:06	79.116.53.161	79-116-53-161.digimobil.es	Not listed	AS57269 DIGISPAINTELECOM	ES	no
2022-12-23 15:23:06	79.116.52.18	79-116-52-18.digimobil.es	Not listed	AS57269 DIGISPAINTELECOM	ES	no
2022-11-17 12:10:41	188.26.207.234	188-26-207-234.digimobil.es	Not listed	AS57269 DIGISPAINTELECOM	ES	no
2022-10-03 15:21:17	79.116.42.134	79-116-42-134.digimobil.es	Not listed	AS57269 DIGISPAINTELECOM	ES	no
2022-07-15 14:21:54	188.26.204.114	188-26-204-114.digimobil.es	Not listed	AS57269 DIGISPAINTELECOM	ES	no
2022-06-23 16:42:21	79.116.53.197	79-116-53-197.digimobil.es	Not listed	AS57269 DIGISPAINTELECOM	ES	no
2022-03-25 12:00:02	79.116.23.134	79-116-23-134.digimobil.es	Not listed	AS57269 DIGISPAINTELECOM	ES	no
2022-03-13 19:03:51	79.116.43.7	79-116-43-7.digimobil.es	Not listed	AS57269 DIGISPAINTELECOM	ES	no
2022-03-11 00:56:26	79.116.13.210	79-116-13-210.digimobil.es	Not listed	AS57269 DIGISPAINTELECOM	ES	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-01-18 13:51:04	https://reader.euskadigital.eus/vendor/rKssCVCq...	Offline	emotet epoch4 redir-doc	Cryptolaemus1
2022-01-18 13:51:04	https://reader.euskadigital.eus/vendor/rKssCVCq...	Offline	doc emotet epoch4 heodo SilentBuilder	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2022-01-18 14:10:47	203afcf45c6c4b26213d835ba1164816c6c5ff9617e763481ecbd90481f1c581	xls		Heodo
2022-01-18 13:51:04	eab2257b40a134198b1dfd8384f0788ebc3122a7bb9ffee941be9d4454bf4a7a	html
2022-01-18 13:51:04	fa10d4c1be08f4e283bdaaa42a1d800768187162e2d90bb494fa4367dcd494ad	xls		SilentBuilder