URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: zz.whatsaapp.xyz
Domain registrar:NameSilo -
Domain registration date:2021-01-06 07:45:45 UTC
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Blocked
AdGuard :Not blocked
Cloudflare :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Control D HaGeZi :Not blocked
Firstseen:2022-01-11 22:07:03 UTC
Total malware sites :8
Online malware sites :0 (0%)
Offline Malware sites :8 (100%)
A record(s) observed :9

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2025-11-02 15:10:01 188.114.96.3Not listedAS13335 CLOUDFLARENETn/ayes
2025-11-02 15:10:01 188.114.97.3Not listedAS13335 CLOUDFLARENETn/ayes
2025-11-02 14:43:55 104.21.89.49Not listedAS13335 CLOUDFLARENETn/ano
2025-11-02 14:43:54 172.67.156.110Not listedAS13335 CLOUDFLARENETn/ano
2025-11-05 03:11:55 188.114.96.12SBL687667AS13335 CLOUDFLARENETn/ano
2025-11-05 03:11:55 188.114.97.12SBL687666AS13335 CLOUDFLARENETn/ano
2023-01-06 11:16:05 91.195.240.12Not listedAS47846 SEDO-AS- DEno
2022-01-11 22:07:04 172.67.194.18Not listedAS13335 CLOUDFLARENETn/ano
2022-01-11 22:07:04 104.21.12.105Not listedAS13335 CLOUDFLARENETn/ano

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2022-01-13 23:31:04http://zz.whatsaapp.xyz/kss/76264-8885/Offlineemotet ext epoch5 redir-doc xls waga_tw
2022-01-13 23:31:04http://zz.whatsaapp.xyz/kss/76264-8885/?i=1Offlinedoc emotet ext epoch5 heodo ext sugimu_sec
2022-01-12 22:50:04http://zz.whatsaapp.xyz/kss/25967697/?i=1Offlinedoc emotet ext epoch5 heodo ext sugimu_sec
2022-01-12 22:50:04http://zz.whatsaapp.xyz/kss/25967697/Offlineemotet ext epoch5 redir-doc xls sugimu_sec
2022-01-12 21:11:11https://zz.whatsaapp.xyz/kss/N33/?i=1Offlineemotet ext epoch4 heodo ext xls Anonymous
2022-01-12 21:11:04https://zz.whatsaapp.xyz/kss/N33/Offlineemotet ext Anonymous
2022-01-11 22:07:13http://zz.whatsaapp.xyz/kss/N33/?i=1Offlinedoc emotet ext epoch4 heodo ext SilentBuilder Cryptolaemus1
2022-01-11 22:07:04http://zz.whatsaapp.xyz/kss/N33/Offlineemotet ext epoch4 redir-doc Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2022-01-14 07:52:14e7dff9977a528e887ecaa6aa818a1ddf868d700f6e13078ac53d801c61d4771axlsm Heodo
2022-01-14 07:27:32c94b6907928429e7d56f171d9a379d24c0250086ffbeb2a9da5dde1049fa569fxlsm Heodo
2022-01-14 07:16:32dc929317cca3b519661820052cd357c4891f7725de37b15637010b5903292a0bxlsm Heodo
2022-01-14 06:44:580766c61d5d861dd6db71ee8f535e5f405f9d7ae80dfc5c83938e000d2b4ba58axlsm Heodo
2022-01-14 06:13:51a89097e556d8e582deba3d9f6c471d585cd8ea41cf7e40480f967985ed90e60dxlsm  
2022-01-14 05:47:4538b84fcdf7e7ed1a95a221a66ebb59bf63847b414da3370144e103a23b9a577axlsm Heodo
2022-01-14 05:43:41992922c0dd74c7f68096c93f4df4d4fb642f1503e40b7b20eef156edebe70839xlsmHeodo
2022-01-14 05:16:16ff585f534b9fcb8f660da3a92bdf92629e9d66cc31aceff6d3cf69be3aa2da60xlsm  
2022-01-14 04:48:30be9b720458252f06a6688c838079c24730523961b9242c3a0c76ef5c4c1ac949xlsm Heodo
2022-01-14 04:32:32ec237a7588cb70688e3f57edf9ec59126b234f51b996b68000604002a379dc5dxlsmHeodo
2022-01-14 04:20:5659ae2ce51e3e9e2d3e412dcf23488aa002acb72d34656606872d00bb4ab0eca3xlsm  
2022-01-14 03:52:07878245ca533c239b7066ce1bb483d8cd42a8d5887954c3e4db00b5a52d46f354xlsm  
2022-01-14 03:34:07296171d1b92b175041ee3829e60a6880b93861ef09614e912d112777fc2fe13axlsm Heodo
2022-01-14 03:16:23cb0d9916b6be6d3b9d52d057b5b8aa3b223284abe331467dea72eca27165a618xlsm Heodo
2022-01-14 03:04:20efe94cedd53de019cc10da7939e5ea9a62de62e66cb917b3d2ffcc8f2fba969dxlsm Heodo
2022-01-14 03:02:25b8e60cbecfbe9cdc725b0f3fc1524d2004d7a1e7a7aca69e4f7bc0ce89fe2f54xlsm  
2022-01-14 02:37:59d7e424ccc4f316f9abbabc2a3b0bc47b61daf071111fed745056ffc823c541c1xlsm Heodo
2022-01-14 02:17:3077f9047608db228251671697e703de19448819776d18446a1c5cbae840087e02xlsm  
2022-01-14 01:39:30a0a8993ac49af8c9a67d95350e800f6adfbc38b6bfc5a7c213eca23b0b9e5857xlsm  
2022-01-14 01:29:07620279fcd1238b22b28ff6e4d98f577b33d7dcfe09e7729f6ffd76070cec42e8xlsm Heodo
2022-01-14 00:59:29db24f279d1e6ca28783d945c325f1a530ba117171035e72ca275e3bbc0d8bfd2xlsm Heodo
2022-01-14 00:51:016865b7a1dc0601641ca16e96af174f9dfceb18c137e19db1801def5dccb3b79cxlsm  
2022-01-14 00:27:30675e9b8ca552efccc34ac7a2f9fff8ef872d7a5cf5790aca00d33baebff47a87xlsm  
2022-01-14 00:04:1181bb7a133cc21a5f209bb293819b5157ff69fb246fd652a40caea0a5d98d90c3xlsm Heodo
2022-01-13 23:46:36e50a105ddea8f6a8d4e939cfb72b87b38a7ca408cbbf06301b2955af36c978edxlsm Heodo
2022-01-13 23:31:04b562c5859952df079c155d22d21c3cbc2d9f838b20578aa75bedf6d6496ece65html  
2022-01-13 23:31:0488422e6f6a8baaf355add1168faec3c2cf520438933d982dcff40a31f2468a09xlsm  
2022-01-13 23:11:020f7733066d2857280a04dbe1d6780d51d49894c7576632be019c7b7b54318028xlsmHeodo
2022-01-13 22:43:13b92219911245e208dd5089a02ad54181c2646a905a59ef38fa3919bb0cda98a6xlsm  
2022-01-13 22:33:401de860bde561d55095e552fa90b69c42d9b9a2c7869540cabaf87cf332e7a657xlsm Heodo
2022-01-13 22:03:225beaacf0c6bee900893f52cff69c41a062fc684f58bf402487329402424c14b6xlsm Heodo
2022-01-13 21:31:4988876b87c1e34620663cc95177326339d7853e695ff37d35a180f61d76d019bexlsm  
2022-01-13 21:07:5480f732153350e276a2b676506c38904e02387501bbd7946340ee90858bcc5f79xlsm Heodo
2022-01-13 20:51:44f2d39fc2afc622cadc2c5191918036993aff3a2eca268590fc3926b66534db15xlsm Heodo
2022-01-13 20:22:360445c2bd85dd4a03d6bc056f164dd19bcc7e22f823086a2678e4cc74ffa61880xlsm Heodo
2022-01-13 19:55:4130a24f31a5ad5ce7d7ef2452f76f767be97dda2bac031dbbaa744ec0ba5993f7xlsm Heodo
2022-01-13 19:33:34f9f1c04b9ca8d2ea3cc2466d6b1b860e64f73af649c40ee87e12847d52ffd37fxlsm  
2022-01-13 19:12:22890e54734498c0cf6c05a9678b66b29e3c38203ea61f83937a017ba7afed9809xlsm  
2022-01-13 18:48:238186f82da42f9f07b405d280632e62d7632c4b472cbb489761bf400bc9ac2b74xlsm Heodo
2022-01-13 18:16:3516a16ae0734ca9a2fc30199cc0c63a5839677da947c1d03f30e26802208f0c13xlsm  
2022-01-13 18:06:432fc174fae6bcf5ff45e069783a751950e4989cdebf6f04fe8ddfe2121ca28f15xlsm Heodo
2022-01-13 17:39:306aba2f1108a54a6e94dddf1fd12bc6f4b8b8a6d083fc5481e8ad35dc9b20b192xlsm Heodo
2022-01-13 17:26:57dc8adc8e13d3e5a64f2d69f2163da90a19cd80594bf4db6b8d17c381312d28b6xlsm Heodo
2022-01-13 16:58:333e8ac5b89fdb8697813438a75aec6df15ad029e5c499a023f5bc7a209ff1b13bxlsmHeodo
2022-01-13 16:31:3878dd5816d66701839612b5caf64d4337e45d516e52b5f177345f5019ce4aa907xlsm Heodo
2022-01-13 16:17:35e07efb44e73f01e1cd957c1874bce0e453c91eaa561f46efb373edb97100320axlsm Heodo
2022-01-13 16:05:01e8da2349f8ec549d999a3e63b1f859f0452b0301aaf4fced70ecbba675b81247xlsm  
2022-01-13 15:34:577d20451deedc42248ceeb3cc205328d45bdc50d6d9a652f08773d052e1c598cexlsm Heodo
2022-01-13 15:07:54c87454534ee25d7d677e5bab46857f861240685ce17532b788892d370096be83xlsm Heodo
2022-01-13 14:57:4641750a936f4e59a899e45972dd3ccf154305807c52bd7e5f5b19344e909f86baxlsm Heodo
2022-01-13 14:40:412d009791d777c752c4fddb6e32e5d123d7ecf80145baef849436bf4879259b8exlsm Heodo
2022-01-13 14:36:225d7049ddd0c94d31087e9b7809dd67ab2c097e01ffacb571225e7ab561f57f39xlsm Heodo
2022-01-13 14:13:5708c7c9f40c6db283966c794771c90b7d9f65dedfb785b861e02187f62f0dc0c8xlsm Heodo
2022-01-13 13:50:044624a6c75a73e206d26cf23225ddf8c14c9bd3fac85edc04aebf63a281aa8bd4xlsm Heodo
2022-01-13 13:23:58399fd8ce9218a6b24bbf3c9e307934df9b2954d45119371365be1360c88ec6f5xlsm Heodo
2022-01-13 13:00:108440f26c78450c4b1f022a497363963b84b99da232ca91b5da7f4aad2234bbc1xlsm Heodo
2022-01-13 12:21:56b3a8073712469f70329fad465825f867bd6dcf83420de3004730f91ecc938138xlsm Heodo
2022-01-13 12:17:121837567c1c4771488aaff8602f2c98711463d9afd7dbe2a3ab3413e37e30f610xlsm Heodo
2022-01-13 11:40:33cd1b8b06a27b93f21a8da161ab4af2768ecdcbe5f8f5122d89c33caf145da46cxlsm  
2022-01-13 11:26:2307fddbd97e1846aa7ef2fae79ea0d177a89210725b1a66a8b52bb066cc36bb1exlsm Heodo
2022-01-13 10:46:45726be01c1600c33b9a3d322885ca12383ec5b64546bb389670176f77f7faf162xlsm Heodo
2022-01-13 10:20:28d32a60905cbcf3b82765d7291ede8777aa420c096699a8f848d3417e53158346xlsm Heodo
2022-01-13 10:09:11e87856edf8567e6e432ef09f0cc575e581c36b5df71a16c71658a5fb980a3d86xlsm Heodo
2022-01-13 09:46:34ca6662f6a52a16a294b7d873a1f4b60f6ed054cb1cbaf3207081f30380c573e2xlsm Heodo
2022-01-13 09:11:46ae4c37f20738b2bc766ca1b1437dd27be15c5a86e663f8ce3fc8be6762483305xlsm Heodo
2022-01-13 08:59:022cfe6cc60d786a8b94d9d3114d344fb74c21e5ce5391dea3d1550df17fee05b4xlsm Heodo
2022-01-13 08:33:129e1460b0a4debafe9636cf43ad6de3069afc41e53b2c0c09b6337bd165a7bcefxlsm Heodo
2022-01-13 07:55:5422ed1803ea7fa2aa21adb614d88627eaf141fb5663bac536d56f3db835dd0811xlsm Heodo
2022-01-13 07:35:534dc514dc9290b966a14aadaab3d4c168419ed606a81d0a1262318d8b305cfc8dxlsm Heodo
2022-01-13 07:18:026169a4500b717ca5de60b77b01c2c1ddf5dbe18bafd0af142248d5066eef19ecxlsm Heodo
2022-01-13 06:56:58152d0b25ca2f0f4066edf77906c112fe4e6d49c17f6fc35a039686276ad7686dxlsm Heodo
2022-01-13 06:41:27259272a5032f537239c61ba1c8b5bdd26e8e6c4f1ec9b54ee52eaeeac5f5690cxlsm Heodo
2022-01-13 06:13:228e2712e45fb0cbdc5a565ba4f5582ef6b0d871a0159abaed0fb6c4d519382547xlsm Heodo
2022-01-13 05:49:3890d0f5a1133f995ef6280f0b82b5de6d04f94f727ee5842a0a36f6e4a0b4460cxlsm Heodo
2022-01-13 05:24:23c14e76a48aa71dbc135baf60cb71367b03353dfd7e1e256ec9158c9ab9566677xlsm Heodo
2022-01-13 04:55:1937bb74fcd5b1ff6bbd323163e21277b3ed80d124cc4d727f4ec64d1048a2c85exlsm Heodo
2022-01-13 04:37:27ae8e1d5678b54ef2ddb35fcf1233370916f4e2355f1aeb9066b9f7e12d07bcacxlsm Heodo
2022-01-13 04:13:24a31aca91b05fbf55ff7e2ebb699e532dbd3025bdc3b9f2646fef0f330f6e574axlsm Heodo
2022-01-13 03:48:29869b3e37539d37f91353d70a91951ea1da88ee298ed6992b06315984bfb23247xlsm Heodo
2022-01-13 03:32:42d1a30b9b19b21d52e0d3bb831b52aa3a875a3cb9df1c021a57bb9766228ce3dexlsm Heodo
2022-01-13 03:13:250f3edf4e46a263ca74e1089aaebc8b85db3e80677f8f4606e5f9a09fecec3903xlsm Heodo
2022-01-13 02:51:094e334f1e7d8c85ec0ef565959898a1ddbe225377df8590e806143832bc768320xlsm Heodo
2022-01-13 02:29:45ad80a159607095ce60f84198a537f9ed0bc3b5205b2a84a49c8173d53d942e60xlsm Heodo
2022-01-13 01:55:0918b6cbb0d07ff485318c932b7c8704153e563545e4741e5dfa42229519287263xlsm Heodo
2022-01-13 01:47:01bfc5772205c81262f1c0e3bd7742f6aa7d2f41e03cbdd43729f2376a9b96ea16xlsm Heodo
2022-01-13 01:31:52ed02cf2428790fc05964cbe66c268a67503551249437381125a51401de15e753xlsmHeodo
2022-01-13 01:12:1607efdf65fbb6c43bdc3ac46453701f3d1bb0f284bad5865fb4f4cf54c127708exlsm Heodo
2022-01-13 01:02:2600714061c46c2698b29d0f88c92096cc433a3b26acac70825717dde40e0ff407xlsm Heodo
2022-01-13 00:27:41e19c4cdeb5c2e9417e8976342dcf2494d337be7e4f6be1f465e9eacf998a6d5dxlsmHeodo
2022-01-13 00:02:0538e984900acb5a6830c8ea2b34c0b1b85c45b32848da185c5bd3e2546ade2311xlsm Heodo
2022-01-12 23:47:0720039ff121b47e5026b29877b299b76e47f3c7f766b9010a04e148a19823dbb6xlsmHeodo
2022-01-12 23:25:29e62d334e565115ed95712c266991de6e26054d57b5c019a4ef2c0382377c93f9xlsm Heodo
2022-01-12 23:02:5424355720d9e3b12c0bd49ad9b2ade504263a3bc06d95103a3c086a316dc2ecbcxlsm Heodo
2022-01-12 22:50:0431ca17b03ef6422b7d631d23ad6af8ceefc4fb869ec0eab149172ceb59400342xlsmHeodo
2022-01-12 22:50:04531c6e6b5108497100498bd347c25764cc011786ec0128f73a831e7e650d2c0bhtml  
2022-01-12 21:11:11aa65a34067b0c50e89c1078d0c7ff08de43e5036241404574f846265de6ff6bdxlsHeodo
2022-01-12 04:56:46aa65a34067b0c50e89c1078d0c7ff08de43e5036241404574f846265de6ff6bdxlsHeodo
2022-01-12 04:35:179960d32985df1b5cfa49908148f8ca999ff3b82aff1645280ff9f71ca61f2805xlsHeodo
2022-01-12 04:19:31788c6ae40bf00e27769846c7ab03bfee240d5ee52f765f498918a0333498eb82xls SilentBuilder
2022-01-12 03:48:31ab10f99205c871817f94e6f2e7a2c654504a2bfde5ed375401a200735694560cxlsSilentBuilder