URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	klikshop.buzz
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Blocked
OpenBLD :	Blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2025-04-25 05:24:03 UTC
Total malware sites :	3
Online malware sites :	0 (0%)
Offline Malware sites :	3 (100%)
A record(s) observed :	4

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	SBL	ASN	Country	Active?
2025-04-25 05:24:04	188.114.96.3	SBL690066	AS13335 CLOUDFLARENET	n/a	yes
2025-04-25 05:24:04	188.114.97.3	Not listed	AS13335 CLOUDFLARENET	n/a	yes
2025-11-05 05:26:08	188.114.96.12	SBL687667	AS13335 CLOUDFLARENET	n/a	no
2025-11-05 05:26:08	188.114.97.12	SBL687666	AS13335 CLOUDFLARENET	n/a	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2025-05-24 23:01:07	http://klikshop.buzz/Inv00329359.zip	Offline		DaveLikesMalwre
2025-04-25 05:24:14	https://klikshop.buzz/BFVNDLDC.msi	Offline	DeerStealer	s1dhy
2025-04-25 05:24:04	https://klikshop.buzz/Verification.txt	Offline		s1dhy

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2025-08-14 16:23:29	149d15d6ae39c4d6b385e92edbde864ceca80acadddb6691ab7a387b5eafa840	txt
2025-05-24 23:01:07	d9123d497461cfc76c1e300c0fd96eeb17e68101b75138ad36c4d590260ab533	zip
2025-04-25 05:24:14	71149e56febb1f0b96518016f33dcfae141c8d8e1dcca5de5b97519214ec6de5	msi	DeerStealer