URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	cd-shl.com
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2020-08-20 10:48:03 UTC
Total malware sites :	1
A record(s) observed :	4

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	SBL	ASN	Country	Active?
2025-07-13 15:32:30	104.21.30.237	Not listed	AS13335 CLOUDFLARENET	n/a	yes
2025-07-13 15:32:30	172.67.174.46	Not listed	AS13335 CLOUDFLARENET	n/a	yes
2025-04-27 12:53:24	108.186.126.244	Not listed	AS54600 PEG-SV	US	no
2020-08-20 10:48:07	45.249.95.47	Not listed	AS142403 YISUCLOUDLTD-HK	HK	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2020-08-20 10:48:07	http://cd-shl.com/wp-admin/sites/TDyA/	Offline	doc emotet epoch3 heodo	spamhaus

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2020-08-20 22:29:17	ed8f3cd480b6fef9996f65e02cc1cb3d295447728fd009032ac3838d32e01f37	doc	Heodo
2020-08-20 22:15:15	9c2952185499dfb564607790c299bf8a01a0bd16d64484be1812bfc88c5f5a06	doc	Heodo
2020-08-20 21:53:53	73edfc2aba2a5e763fb0b40b55a4695a6d9e6f0069b17e693c982385b150b4c7	doc	Heodo
2020-08-20 21:30:27	4e132ba6d019767be2f8156e367e5c0f60ee91db33f3517c525d22cace8bfa9b	doc	Heodo
2020-08-20 21:05:35	5f721fa567c8707cbefd2292d75f13cbe60f70a768b9a902547ae56d954a7b81	doc	Heodo
2020-08-20 20:44:15	5fa853ef0f61449fd95c38ca7e61ac05ab40c240e9d88e8cb0a80e9a3f8f82b0	doc	Heodo
2020-08-20 20:16:19	0c9bdaf25bc6465c491f19c920faa56544188ae9d41c7a0905bda06a835b6ec4	doc	Heodo
2020-08-20 19:50:05	a103c5322646cc9b595ae3a661b33e07325e1462f53bbc5955a3c738d3fc6827	doc	Heodo
2020-08-20 18:45:32	acf06f69fc335f401184ad3a218aec5075641fe29bce91e0f71b698c062b3e0b	doc	Heodo
2020-08-20 18:16:01	6d8877c3fe622e60ade68b560890183ab6a8f3808d4425263f61709f82496187	doc	Heodo
2020-08-20 17:49:28	91c51b6adfe6595da08931a5894071e6388a4cf770a95f00ee37480f8213916a	doc	Heodo
2020-08-20 12:54:31	ae09a760faec9e5c8f9d147329271cb1fa3971b119943d8cc9e16ce71c8e5fd3	doc	Heodo
2020-08-20 12:44:25	565a658a52901c5f0f0106f96c8e83c5bc9b0c91b259f8ece0aef34b546c57f3	doc	Heodo
2020-08-20 12:30:00	1c104db579e861c4c2e39952f6bdf68c5f428c16939b3bfc8d3ba3e68e01c387	doc	Heodo
2020-08-20 12:11:22	e443378d873265488a567b773f21b158d57af083c5cc445816d2614bab276bdb	doc	Heodo
2020-08-20 11:43:13	5156e2526958c387a88519d9be71196ec810c2e00341e7df0cd8cb8a05913a79	doc	Heodo
2020-08-20 10:48:07	7e06ee4704f2c5f8a4ed2f68565f3f7518dd9ae22b9ae4fde59b898d8d9647d0	doc	Heodo