loader image


x Mindflow

URLhaus was integrated by Mindflow to enable users to automate their incident management and better protect their information system.

URLhaus Overview

URLhaus is a project operated by abuse.ch which purpose is to collect, track and share malware URLs to help network administrators and security analysts to protect their networks and customers from threats.

Users can browse the database of URLs distributing malware or submit URLs. URLs submitted are shared with security solution providers, antivirus vendors and blacklist providers, including: Google Safe Browsing (GSB), Spamhaus DBL, SURBL.

URLhaus offers the following feeds:

  • Malware URLs (see API)
  • API (see bulk API)
  • Malware sample feed (upon request)



Automated / bulk submissions through the API.

The database dump is a simple CSV feed that contains malware URLs that are either actively distributing malware or that have been added within the past 90 days.

DNS Response Policy Zone (also known as a DNS firewall), to block the resolution of specific domain names on your DNS resolver. The solution extracts the domain names from malware URLs and offers them in an RPZ dataset.

The Plain-Text URL List of all malware URLs known to URLhaus.

haus regularely checks the content served by malicious URLs that are known and gather them in a CSV file. This CSV contains all payloads collected, identified by a hash (MD5 / SHA256 hash).

Want to enhance your service with orchestration and automation capabilities? Get in touch with our partner team.

Related integrations