URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	www.dzshswkj.com
Domain registrar:	NameBright.com
Domain registration date:	2021-11-17 19:24:06 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2022-01-18 20:41:03 UTC
Total malware sites :	2
Online malware sites :	0 (0%)
Offline Malware sites :	2 (100%)
A record(s) observed :	16

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-11-18 11:11:04	149.56.107.108	ns529975.ip-149-56-107.net	Not listed	AS16276 OVH	CA	yes
2025-11-01 14:10:08	167.114.114.187	vps-db963d43.vps.ovh.ca	Not listed	AS16276 OVH	CA	no
2025-11-09 23:28:37	51.222.158.8	vps-6c269884.vps.ovh.ca	Not listed	AS16276 OVH	CA	no
2025-11-01 21:28:49	198.100.154.3	vps-f90022ba.vps.ovh.ca	Not listed	AS16276 OVH	CA	no
2025-09-02 06:39:37	148.113.194.50	vps-e6bc9336.vps.ovh.ca	Not listed	AS16276 OVH	CA	no
2025-09-03 02:57:34	192.99.145.61	vps-f23bc24c.vps.ovh.ca	Not listed	AS16276 OVH	CA	no
2025-06-08 17:54:58	104.233.195.56		Not listed	AS54600 PEG-SV	US	no
2025-06-05 06:58:31	172.65.185.109		Not listed	AS13335 CLOUDFLARENET	n/a	no
2023-03-16 20:24:59	154.215.175.117		Not listed	AS134175 SH2206-AP	HK	no
2022-12-09 20:10:34	154.215.166.109		Not listed	AS134175 SH2206-AP	HK	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-01-18 20:41:07	http://www.dzshswkj.com/wp-includes/Ochtwmy2Pdc...	Offline	doc emotet epoch4 heodo SilentBuilder	Cryptolaemus1
2022-01-18 20:41:05	http://www.dzshswkj.com/wp-includes/Ochtwmy2Pdc...	Offline	emotet epoch4 redir-doc	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2022-01-19 20:50:49	4f48ef3036b8e2b724cbf9ec618f35baf7cb5e2017dc5fae4825659a28b58e68	xls		SilentBuilder
2022-01-19 20:39:35	f364484e6d3e00f20019e36759be54c6c36fab26ca0d5dbe5819354754423a1c	xls		Heodo
2022-01-19 20:23:16	2af6631e3481f468b1b17c3008374c23eff67a9f139e56ecc0bb9a0a34016048	xls		Heodo
2022-01-19 20:07:08	0bced3cd2e9c1e23162ba0e5e2ccc316b26f399a22c93a5d2b026017790db3fe	xls		Heodo
2022-01-19 20:01:49	a5d921070dd610f17b5c5922595511d63385bd7b99623f64f8ac7a0e457ab651	xls		Heodo
2022-01-19 19:33:39	fa118d305bad13e6c33a570a4bcd6159971ca1c5c3cf06eb7c8a5612e0d42aaf	xls		Heodo
2022-01-19 19:18:56	cff13f579e3598d9be5b751b75baf9fe837772239567fd22224bce3c6e99e1d0	xls		Heodo
2022-01-19 18:49:29	54c4606892b1fede80e10591041b980262e6a780b2017de3ce6779d96d862a44	xls		SilentBuilder
2022-01-19 18:25:49	ed228873fb44f8cc68edada7c0687dfda287a3ae45fb0c0cb6cf8a58bb2487fc	xls		Heodo
2022-01-19 18:08:04	5c8cb7136b7f89772e79c0a2f6ead69434dbd7cd66ed030ca620de279c9b20a2	xls		Heodo
2022-01-19 17:55:48	d26f4a2809e92686fcb04d7e6662638fb1da0e2e7d7dd7057ef7931d1c36f4d3	xls		Heodo
2022-01-19 17:51:47	fa264c33403e70b02a4aa9feedf6328187ad3e3ff96e4b6d3f60dda60f5658f1	xls		Heodo
2022-01-19 17:30:31	2973cc99c73795a2e3a00ef11ea792c3800f933fc073fe670d2907261f6c965c	xls		Heodo
2022-01-19 17:18:02	14817a3b02e6cb0a22fd6b251c612d2f21ba516c03224741e3ddc24755c424de	xls		Heodo
2022-01-19 17:02:58	536fe29b4002bc97dbdb4f89a409168dd8f4166ef7a9d857252fd6e82be07950	xls		Heodo
2022-01-19 16:53:12	c90e7d5d7b914e154dba5a9acde682aea9d957f777039a2eb165926dae35ac35	xls		Heodo
2022-01-19 16:30:39	44da779f7768dcf98274fb702fc93b89b7c674a2de24c2547f3a765663092d4c	xls		Heodo
2022-01-19 16:21:36	b8e79d6d4ce2e23e9b126c3397150be331952bae520caad6039e7dfd048c83f3	xls		Heodo
2022-01-19 15:59:36	06f81a0439de4a88bddf3371586a0d0594bfb213bb35e9b00f300d012e4e2691	xls		Heodo
2022-01-19 15:43:18	2ead439d10213f8992ba0fa9c5a4ad9ef3fa50bf9b2ba0b7aa2ddd01a4e8306f	xls		Heodo
2022-01-19 15:32:23	4ea8a2a5f986391336015695a1f48749ea0956a8874d8ffe17cc4b6c0865c9fa	xls		Heodo
2022-01-19 15:19:45	08326159f288918480978f4ca2d0a705037a18c23e58f779f9bb3bd9fdde6d75	xls		SilentBuilder
2022-01-19 15:04:48	e65457b2422f5bf91f36b2f1a6d12469325b7b580d3d07262777b764230414f0	xls		Heodo
2022-01-19 14:48:40	45436614d9baa751a6da8b87c9736389801dd8daab1a8f82d73aa96f644da316	xls		Heodo
2022-01-19 14:34:43	4cd7a9573d00e7cf41a66b48f93031073ed5751a546dd851d52e805248aa3972	xls		Heodo
2022-01-19 14:16:42	b5ca16a64ab14a0b55fc7b71a1591ecbf68a94fa5a2c2d623ee21eb29091df25	xls		Heodo
2022-01-19 14:07:47	3340c74a1202b3e5f9516584a312c057b828436c35a06bbd7c3d0916e9a85289	xls		Heodo
2022-01-19 13:40:25	f019fca804432459a70c27b9361be7db78f4dcb3754485872c11fdfb1da20e8a	xls		Heodo
2022-01-19 13:25:37	76faa078d1f1713f316cf3d152958b0db77d8e9255dd084d902b460fb3ea97cb	xls		Heodo
2022-01-19 12:43:56	0c4b8e3f9f33c533fb5f6f6aff0802f3fe3f9c0eaeb8bdbf82687c98c999e3be	xls		SilentBuilder
2022-01-19 12:36:31	80eee1c94351d2cf598dc0b19d25ae8ce3898e3420bbb20c67a6e2e09a4a740b	xls		Heodo
2022-01-18 21:07:18	95141c557c2da97c647844e7c27133e0f8ba49907e167088ad774ed57e950294	xls		SilentBuilder
2022-01-18 20:41:07	42548ded9ad20eeaa75c1c3c3f1ac4785bc4f7047e5d96d5a020db062f55605c	xls		Heodo
2022-01-18 20:41:05	84549d0eea85a7732786ba55544a742a8811f69deacdfbb1d33b5710c84755da	html