URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	thys.info
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2020-08-06 10:23:33 UTC
Total malware sites :	1
A record(s) observed :	1

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2020-08-06 10:23:33	31.3.102.50	shared01.dvkhosting.be	Not listed	AS20857 TRANSIP-AS	NL	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2020-08-06 10:23:33	http://thys.info/cgi-bin/dto9bw762134183771szye...	Offline	doc emotet epoch2 heodo	spamhaus

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2020-08-06 11:39:29	a9984aecc080d9309c8ff86367b71d556798bf01e130d0f9354a5d0158accede	doc	Heodo
2020-08-06 11:37:46	fc55cdec1587494b3683916ba5c6b6679011e4cdb28f218c292abe9e23efc1b7	doc	Heodo
2020-08-06 11:08:55	751d0f8d16eae467cda2596b400afebcba628d7a0dd6cb876b1a2963acd5c8a6	doc	Heodo
2020-08-06 10:48:56	4f225fe467ead97d93712caf45378bd55d657949b260ff02f9fb976e168d8e0c	doc	Heodo
2020-08-06 10:27:29	341cf3a96d115acf061be9c88fb6dd93c04a154827ee00f8538a6c2db1c94cc5	doc	Heodo
2020-08-06 10:23:33	eb8b5bc7601e82bd28e2d03ddfc32a41840992dae09bbfb4b3c006852cb846e8	doc	Heodo