URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	wt9.siweidaoxiang.com
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2020-03-08 01:33:03 UTC
Total malware sites :	4
Online malware sites :	0 (0%)
Offline Malware sites :	4 (100%)
A record(s) observed :	103

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	SBL	ASN	Country	Active?
2025-04-27 13:50:57	208.98.40.207	Not listed	AS46844 SHARKTECH	US	yes
2025-05-07 11:41:16	208.98.40.208	Not listed	AS46844 SHARKTECH	US	no
2025-07-14 13:38:17	208.98.40.220	Not listed	AS46844 SHARKTECH	US	no
2025-08-02 15:26:06	208.98.40.27	Not listed	AS46844 SHARKTECH	US	no
2025-05-30 04:23:20	208.98.40.201	Not listed	AS46844 SHARKTECH	US	no
2025-07-06 18:56:59	208.98.40.23	Not listed	AS46844 SHARKTECH	US	no
2025-06-01 01:50:26	208.98.40.205	Not listed	AS46844 SHARKTECH	US	no
2025-09-08 03:17:17	208.98.40.39	Not listed	AS46844 SHARKTECH	US	no
2025-08-16 00:13:52	208.98.40.218	Not listed	AS46844 SHARKTECH	US	no
2025-09-17 02:43:32	208.98.40.25	Not listed	AS46844 SHARKTECH	US	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2020-03-08 06:34:55	http://wt9.siweidaoxiang.com/HA_GhostCastServer...	Offline	exe	zbetcheckin
2020-03-08 04:47:15	http://wt9.siweidaoxiang.com/xspeghp.exe	Offline	exe	zbetcheckin
2020-03-08 04:17:08	http://wt9.siweidaoxiang.com/sqlzhlygj.exe	Offline	exe	zbetcheckin
2020-03-08 01:33:11	http://wt9.siweidaoxiang.com/csoldzbfz.exe	Offline	exe	zbetcheckin

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type
2020-03-08 06:34:54	cfb522ce3d10b828c9215c02488c0103dd3433f8e2825f06e086275b4485e7c2	exe
2020-03-08 04:47:15	af86c7d38b436ded683e7a304f9200312aaa8e283c31de972bfabcd87a857a1b	exe
2020-03-08 04:17:08	68b46c06f1eaca6e99df3f5d50d9bc1d4bfad1d5ac3e5595fb4ef550f7cc8025	exe
2020-03-08 01:33:11	96355f242ca9c7bcc696deb1794176d7dc9e4436dc39f68eceed3952409f27aa	exe