URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	salwa-khit.webmyidea.com
Domain registrar:	OnlineNIC
Domain registration date:	2018-04-12 16:52:24 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2022-01-11 14:53:03 UTC
Total malware sites :	2
Online malware sites :	0 (0%)
Offline Malware sites :	2 (100%)
A record(s) observed :	2

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2023-04-17 21:34:26	208.91.197.13		Not listed	AS40034 CONFLUENCE-NETWORK-INC	VG	no
2022-01-11 14:53:04	95.111.249.189	ip-189-249-111-95.static.contabo.net	Not listed	AS51167 CONTABO	FR	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-01-11 14:53:04	http://salwa-khit.webmyidea.com/assets/rJZuJkVi...	Offline	emotet epoch4 redir-doc xls	waga_tw
2022-01-11 14:53:04	http://salwa-khit.webmyidea.com/assets/rJZuJkVi...	Offline	doc emotet epoch4 heodo SilentBuilder	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2022-01-11 23:12:26	429e0de91bc404f5fc886f0618177f5bc49fe0da3940e98426c5d5cd8aed57cf	xls		Heodo
2022-01-11 22:40:38	f326b9b9af87bd43878455ac75b4e61fadd71bdfcebf5b4508525cbbb4e8038b	xls		Heodo
2022-01-11 22:10:11	a3977aa3c358df0d9777be64e5c10b4a874fd0eac63183e92837d58038e5c4c1	xls		Heodo
2022-01-11 21:48:43	e7065618e785e98792d570656fd412ecf695c45ec5a8123d04cf4ee302d225bf	xls		SilentBuilder
2022-01-11 21:23:18	dc1a568534305e8dd82443bd62f3fefe364de2073558c8237bbe099593714259	xls		SilentBuilder
2022-01-11 21:04:53	1db259b0063d26f9af684e7246d336250e289514a4e900eab1337ee9981a866b	xls		Heodo
2022-01-11 20:49:55	b5d8116e0b4f01eb2affa09d857d1be4df2e18dd793e4ab0b6ad28e0d5eadc15	xls		Heodo
2022-01-11 20:21:52	d92b0ebb1f64086c8c4d5b238f3683a3319bcf041cdfc9e6736f742a260a5ce2	xls		SilentBuilder
2022-01-11 19:55:04	426fda840765e44250686f1102e902242babe0cea36a756beac6c0757a73c28a	xls		SilentBuilder
2022-01-11 19:32:42	e8ada03261f05e1c91d784bf58d10322d3765c686bb4a52278362e0e62288d1b	xls		SilentBuilder
2022-01-11 19:07:20	afe04f54612c86612a56bf8a3a228a2aeae275f4730552228f8a4bb6f71c292e	xls		SilentBuilder
2022-01-11 18:49:23	18e24e9b03fde05fa41b9d86aa612dbbd5deabcebbe97ee5b3a3b7fa8fb43f51	xls		SilentBuilder
2022-01-11 18:26:59	60fdf680c8e0272784588bf87ead2814df683a2fcb697522ddd4ef323166440a	xls		SilentBuilder
2022-01-11 18:02:35	e540aa4c8a0a7eb9acf80aa3e76a804c5f492a69e052e33584c0ce432b33de75	xls		SilentBuilder
2022-01-11 17:39:05	b1facac75e8c07b20f413b7083f889cd502c32847a97c5cbed0d3e4051f9a139	xls		SilentBuilder
2022-01-11 17:24:15	54e67293d34aa1794e6227fa0641f88d5206b073319b30e5e68e238f8b698b98	xls		SilentBuilder
2022-01-11 17:04:16	13a116b4d63f461fc1ef2413ad32b486cefd432df4324dd3f9fa6ca9697a65d3	xls		Heodo
2022-01-11 16:51:33	b68760371e947df68d4f69a1f9b43a56de082932df771b0ef088adaae130931c	xls		SilentBuilder
2022-01-11 16:25:50	7955874a069fbde3eb5144ea8420f8b9e80d0c8ccd822c21b54150e53608116c	xls		SilentBuilder
2022-01-11 16:18:00	2f80ecbe8f3eb45c354fb36640dc4be6b13064be8550f2d49e41090e5c113b72	xls		Heodo
2022-01-11 15:55:28	0b52372793be51e4313df2cb64a2b43650e47eb55920506fa6ac3f0726da0a89	xls		SilentBuilder
2022-01-11 15:43:28	9f968d781db29617f0b9954b931d6fd3cf4ad16b365ae3a64441eba7a84d611d	html
2022-01-11 15:22:39	d77daa81350a4b38ba1ed4ad068297d5680f054a489a4b9004aaea0a9bdfc180	html
2022-01-11 15:19:38	bdb3e9a556bc850867023c8e1c5ea1e20cda48c72bd0396ef667d3352b14d65f	xls		SilentBuilder
2022-01-11 15:05:46	3dbfb9a583de71af6ce19cbfb294476ab7d6fcfd2fe42c9bf38886ace35c58fb	xls		SilentBuilder
2022-01-11 14:53:04	58f9d3255466b6011091023f84f65a0105f354ba16f12c384387c56b4980a7d4	html
2022-01-11 14:53:04	125d84a3e35c42f4464704bc17b835fd488c8116476a7c61d170e47def200dd6	xls		Heodo