URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	spread.ooo
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2019-03-07 17:34:04 UTC
Total malware sites :	3
Online malware sites :	0 (0%)
Offline Malware sites :	3 (100%)
A record(s) observed :	2

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-04-27 19:12:06	192.124.249.32	cloudproxy10032.sucuri.net	Not listed	AS30148 SUCURI-SEC	US	yes
2019-03-07 17:34:05	111.118.215.27	bh-in-12.webhostbox.net	Not listed	AS394695 PUBLIC-DOMAIN-REGISTRY	IN	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2020-08-06 11:55:28	http://spread.ooo/mudcafe/report/	Offline	doc emotet epoch2 heodo	spamhaus
2020-01-16 22:45:06	http://spread.ooo/mudcafe/Wia/	Offline	doc emotet epoch3 heodo	Cryptolaemus1
2019-03-07 17:34:05	http://spread.ooo/mudcafe/tfmj0-fntvlp-dysv.view/	Offline	doc emotet epoch2 heodo	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2020-08-06 21:30:00	2632f54ff03da6748cd94b4dfa7c750dcf28976dc3c60983e594c50cfd49496f	doc	Heodo
2020-08-06 19:58:05	6404a5a49751db7e1c82b5bdffadd5171eea2b5a4b43f9b77afb50b2095df09d	doc	Heodo
2020-08-06 19:40:51	93c870008317b819f86d45c0c3e0075eae202d632a8c5a15afafda0e60ba9551	doc	Heodo
2020-08-06 19:25:33	ef6c1ffd05150882bfc54a821a952bd6f743e63a03c52ed1564f9ca8549299ce	doc	Heodo
2020-08-06 19:09:23	c587f3652820270bba59542522120672e8e95522ddcf9ef94ada4b00271b3bd7	doc	Heodo
2020-08-06 18:52:04	3d7b0b0b8db48edd63f38207860a39c39f05ca912545fae115149ce35b949740	doc	Heodo
2020-08-06 18:41:18	5475cfc64e19f8a7195be93c65b59fb767c78681a8776edaf2914d43242326ce	doc	Heodo
2020-08-06 18:33:58	49293332112aac8e7324c776e9ea01df8d9c3029f9d89b1883863fa4ac4335cc	doc	Heodo
2020-08-06 18:15:59	eadc186cfe8e3c19ea300adfa281efef73f5792352852efab0420e0389b49bb5	doc	Heodo
2020-08-06 17:58:47	b27f4ef8f5469f85fe50a642dcc5fee52880b25c23819000768cbd8055093726	doc	Heodo
2020-08-06 17:42:27	bb602d79341451698628307e329d7effecfc741d8cce9a03023082cca9e7fd6b	doc	Heodo
2020-08-06 17:24:46	90349a6fef59a2961f650f14597c52d61bcc6b18d8017591106c662239d21a8e	doc	Heodo
2020-08-06 17:05:31	8dfc9301200294d18edadcff9e243522a1a82a3378e5a874e18dd11a47204a34	doc	Heodo
2020-08-06 16:44:54	98826e022ea7e43c4ca336a98b7dfb45866836324f79e8e7af3eb4af39686c22	doc	Heodo
2020-08-06 16:22:27	c7600a3fc42b6fed1538b5fe0a9d93a62b124e58f5c96b976422f1670cab0016	doc	Heodo
2020-08-06 15:58:03	082b3011f9082a24a8638f4c1e707ff092cc1461362041ae4e3e621be475b1b5	doc	Heodo
2020-08-06 15:39:07	dcf13e777cc81ba6dbf2ebaf5747e5de599a4de2aefffe544b7f52c9e0188827	doc	Heodo
2020-08-06 15:05:20	b554adbe36cba4bab4728dd27cbe944e169443554e2a0cb67e1410fefac08049	doc	Heodo
2020-08-06 14:44:10	3aea71cb3bbb127254bc652cdf318ad814683e16c4c9f8fb7c6e84d42d32553c	doc	Heodo
2020-08-06 13:13:55	fa7a2f035cfa8ad6cee98c7429474f64f136f99a81f8f1047463efbedd4e7094	doc	Heodo
2020-08-06 11:55:28	7d36e7bf1b5cdcbb921805adb5c1d2ad2b9409ba4ce71767d57768a395300e11	doc	Heodo