URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | shawigroup.com |
|---|---|
| Spamhaus DBL : | Not blocked |
| SURBL : | Not blocked |
| Quad9 : | Blocked |
| AdGuard : | Not blocked |
| Cloudflare : | Blocked |
| ProtonDNS : | Not blocked |
| OpenBLD : | Blocked |
| DNS4EU : | Blocked |
| Control D HaGeZi : | Not blocked |
| Firstseen: | 2020-01-04 17:19:02 UTC |
| Total malware sites : | 4 |
| Online malware sites : | 0 (0%) |
| Offline Malware sites : | 4 (100%) |
| A record(s) observed : | 2 |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2025-04-27 15:48:25 | 205.251.139.139 | kamari.nocdirect.com | Not listed | AS11042 NTHL |  US | yes |
| 2020-01-04 17:19:04 | 69.73.182.127 | winter.nodcirect.com | Not listed | AS11042 NTHL | US | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2020-07-14 19:19:30 | https://shawigroup.com/ReviewDocument.exe | Offline | 2020-07-14 Buer Buerloader  | Anonymous |
| 2020-04-10 14:04:16 | http://shawigroup.com/dmndfkle.exe | Offline | exe Trickbot |  abuse_ch |
| 2020-02-24 20:27:07 | http://shawigroup.com/yas14.exe | Offline |  JayTHL | |
| 2020-01-04 17:19:04 | https://shawigroup.com/solhost.pdf | Offline | exe Trickbot | Anonymous |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2020-07-14 19:19:29 | 63913936a820bf5e79bccb7ac74b80f78fae9aec0f2dbfa097f057227a2e4aa2 | exe | BuerLoader | |
| 2020-04-10 17:26:44 | 4dc82acf2a736e9cbaa39b5decfa943177417ad88d995ebe7fba79d9d0579849 | exe | TrickBot | |
| 2020-04-10 14:04:16 | 9e91c4019c91b12e04bff20bf3418ddb84e29ff54f275293b1cec9688ba18441 | exe | TrickBot | |
| 2020-02-24 20:27:07 | c18468e00d4027b583e9dbdbbfa97084baec49745b148fa6aafa8371f031d5f6 | exe | ||
| 2020-01-04 17:19:04 | 3d67808fb8a2b9c7cbcfb31af388acd274a47b2e618fad0f8af3f24a86e964cf | exe |