URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	demoeshop.cassoviacode.sk
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2020-08-11 19:12:14 UTC
Total malware sites :	1
A record(s) observed :	2

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-04-27 15:18:25	37.9.175.155	ing.r2.websupport.sk	Not listed	AS51013 WEBSUPPORT-SRO-SK-AS	SK	yes
2020-08-11 19:12:15	37.9.175.17	17.175.9.37.in-addr.arpa.websupport.sk	Not listed	AS51013 WEBSUPPORT-SRO-SK-AS	SK	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2020-08-11 19:12:15	http://demoeshop.cassoviacode.sk/wp-includes/pr...	Offline	doc emotet epoch1 heodo	spamhaus

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2020-08-11 20:14:23	6bbbfea0979ddea7c5b31d79ead31b118ac7455812560b7e9bea64b8d1cc3366	doc	Heodo
2020-08-11 19:57:26	dc67e4720accd77c39d460b3209c199a542e2c1e9e673e3645d2924c6a7827d9	doc	Heodo
2020-08-11 19:42:49	9761b08fba6f220e64e7cd463ab0fade7ad359b78431e8272557bd70a7c4e7a3	doc	Heodo
2020-08-11 19:12:15	5f5269bf763c9f451410a2e90f0d1d7afbb92c036a1619e199938ffd09571315	doc	Heodo