URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | ny.lshdw.cc |
|---|---|
| Domain registrar: | n/a |
| Domain registration date: | 2022-07-01 04:10:30 UTC |
| Spamhaus DBL : | Abused domain (malware) |
| SURBL : | Not blocked |
| Quad9 : | Blocked |
| AdGuard : | Blocked |
| Cloudflare : | Blocked |
| ProtonDNS : | Blocked |
| OpenBLD : | Blocked |
| DNS4EU : | Not blocked |
| Control D HaGeZi : | Not blocked |
| Firstseen: | 2025-01-31 06:59:05 UTC |
| Total malware sites : | 3 |
| Online malware sites : | 3 (100%) |
| Offline Malware sites : | 0 (0%) |
| Newest active malware site : | 2025-04-20 11:14:15 UTC |
| Oldest active malware site : | 2025-01-31 06:59:19 UTC (Age: 1 year, 4 months, 1 day, 13 hours, 22 minutes) |
| A record(s) observed : | 102 |
IP addresses
The table below shows all IP addresses observed for this particular host (in case the host is a domain name, all A records will be listed, including all historical ones). Please note that the output is limited to 10 entries.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2026-01-22 14:06:39 | 122.228.207.51 | | Not listed | AS134771 CHINATELECOM-ZHEJIANG-WENZHOU-IDC | CN | yes |
| 2026-01-20 18:11:52 | 183.60.150.16 | | Not listed | AS134763 CT-DongGuan-IDC | CN | yes |
| 2026-04-29 12:19:08 | 222.211.93.226 | 226.93.211.222.broad.my.sc.dynamic.163data.com.cn | Not listed | AS38283 CHINANET-SCIDC-AS-AP | CN | no |
| 2026-04-01 09:17:11 | 222.211.93.225 | 225.93.211.222.broad.my.sc.dynamic.163data.com.cn | Not listed | AS38283 CHINANET-SCIDC-AS-AP | CN | no |
| 2026-01-20 18:11:52 | 59.80.34.82 | | Not listed | AS134542 UNICOM-GUIAN | CN | no |
| 2026-01-20 18:11:52 | 122.228.207.54 | | Not listed | AS134771 CHINATELECOM-ZHEJIANG-WENZHOU-IDC | CN | no |
| 2025-08-23 13:41:09 | 119.167.237.41 | | Not listed | AS4837 CHINA169-Backbone | CN | no |
| 2025-11-03 18:01:40 | 124.226.72.41 | | Not listed | AS137693 CHINATELECOM-Guangxi-Nanning-IDC | CN | no |
| 2025-04-18 12:38:39 | 183.60.227.41 | | Not listed | AS134763 CT-DongGuan-IDC | CN | no |
| 2025-01-31 08:51:18 | 111.225.213.41 | | Not listed | AS4134 CHINANET-BACKBONE | CN | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2025-04-20 11:14:15 | http://ny.lshdw.cc/FB/32.exe | Online | 10pluspositivesinVT | |
| 2025-04-20 11:13:51 | http://ny.lshdw.cc/FB/sm.exe | Online | 10pluspositivesinVT | |
| 2025-01-31 06:59:19 | http://ny.lshdw.cc/SigmaPlus/4.exe | Online | exe | |
The table below shows recent payloads delivered by this host.