URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	nienke.studioabove.nl
Domain registrar:	ZXCS
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2022-01-18 13:11:04 UTC
Total malware sites :	2
Online malware sites :	0 (0%)
Offline Malware sites :	2 (100%)
A record(s) observed :	1

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2022-01-18 13:11:04	185.104.29.66	web0111.zxcs.nl	Not listed	AS206281 AS-ZXCS	NL	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-01-18 13:11:04	http://nienke.studioabove.nl/wp-includes/yt/	Offline	emotet epoch4 redir-doc	Cryptolaemus1
2022-01-18 13:11:04	http://nienke.studioabove.nl/wp-includes/yt/?i=1	Offline	doc emotet epoch4 heodo SilentBuilder	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2022-01-18 18:33:46	f46200d10671958e27b019f1501f27f33ec5c0e0aaf34b8a526f6aeb8cd1662e	xls		Heodo
2022-01-18 16:05:59	e6a55d3065b29b2634244c18d442d767860dde8b31b384e78ffa5a532f690a08	xls		SilentBuilder
2022-01-18 15:52:35	faeddf651c26d7da83c2fa5c8c4a79c87ed1b3485682d350b61af795687c06ca	xls		SilentBuilder
2022-01-18 15:35:24	193d044e84f776310495eaac6c95c173ad5ddb730b53fed2617f7137b52f55b8	xls		Heodo
2022-01-18 15:25:14	39e577149d59ac4d3ea01f60a4c7512d68bbf7d288f20828d2b6972904cb0cd3	xls		Heodo
2022-01-18 15:06:27	5fe180908f64eddc15b778af084abd112ed95ecfbcd690dfabcda4aab7e2f9f7	xls		Heodo
2022-01-18 14:52:57	17c6c45571007ecbe44b50fafd5222e9fd161646f082d066f7fee48fe727ee5a	xls		Heodo
2022-01-18 14:43:56	33d2af0373f1662863398e935a3130ca56d7fcd1cd61e2963dc3c70adf85032c	xls		Heodo
2022-01-18 14:32:26	cc388c53dcd2ba27713c35922f2a353f9de73fd32fefd659903f99bb8e2c4bf8	xls		Heodo
2022-01-18 14:15:52	ee5f67811826c99bf20139cb20c4927a5ece12e158dbcaf0eb0fdb0dd00cb87e	xls		Heodo
2022-01-18 14:07:57	f1d5c86f97c302196b50beb4543ebbf621445b8876c8e2731db342b90111bfe9	xls		Heodo
2022-01-18 13:45:44	28c65d1f9eccc96780983180a3c32b0c8b5f65c97d06375841c3b01b1c8f616a	xls		SilentBuilder
2022-01-18 13:38:36	3b09c747879fe086967326539cbf687b58430a6736ed748ad363ed7919756539	xls		SilentBuilder
2022-01-18 13:22:43	f386fa8e712fec7fdf912fa73704a375be4db32562d3c74d8069036f2d6d50e8	xls		SilentBuilder
2022-01-18 13:11:04	33b07111ae2a048359b7ff3cd9995b8da74f9d3d32ddfebedc1a2f1271edce30	html
2022-01-18 13:11:04	554def5c6fb4917a17fb5f951fc799471eb7520dd970a47d62ad565642b281d6	xls		SilentBuilder