URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (when the malware URL is hosted directly on an IP address and doesn't use a domain name).

Database Entry


Host: blog.gadzoom.net
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Control D HaGeZi: Not blocked
Firstseen: 2020-10-19 09:28:03 UTC
Total malware sites: 1
A record(s) observed: 348

IP addresses


The table below shows all IP addresses observed for this particular host (if the host is a domain name, all A records are listed, including all historical ones). Please note that the output is limited to 10 entries.

Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active?
2025-05-01 10:35:55 | 35.185.44.232 | 232.44.185.35.bc.googleusercontent.com | Not listed | AS396982 GOOGLE-CLOUD-PLATFORM | US | yes
2021-04-07 01:20:16 | 13.249.13.100 | server-13-249-13-100.cdg53.r.cloudfront.net | Not listed | AS16509 AMAZON-02 | US | no
2021-04-07 01:20:16 | 13.249.13.20 | server-13-249-13-20.cdg53.r.cloudfront.net | Not listed | AS16509 AMAZON-02 | US | no
2021-04-07 01:20:16 | 13.249.13.34 | server-13-249-13-34.cdg53.r.cloudfront.net | Not listed | AS16509 AMAZON-02 | US | no
2021-04-07 01:20:17 | 13.249.13.68 | server-13-249-13-68.cdg53.r.cloudfront.net | Not listed | AS16509 AMAZON-02 | US | no
2021-05-05 06:24:40 | 13.249.64.24 | server-13-249-64-24.dfw53.r.cloudfront.net | Not listed | AS16509 AMAZON-02 | US | no
2021-05-05 06:24:41 | 13.249.64.62 | server-13-249-64-62.dfw53.r.cloudfront.net | Not listed | AS16509 AMAZON-02 | US | no
2021-05-05 06:24:40 | 13.249.64.80 | server-13-249-64-80.dfw53.r.cloudfront.net | Not listed | AS16509 AMAZON-02 | US | no
2021-05-05 06:24:41 | 13.249.64.81 | server-13-249-64-81.dfw53.r.cloudfront.net | Not listed | AS16509 AMAZON-02 | US | no
2021-03-02 07:13:19 | 13.224.193.123 | server-13-224-193-123.fra2.r.cloudfront.net | Not listed | AS16509 AMAZON-02 | US | no

Malware URLs


The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC) | URL | Status | Tags | Reporter
2020-10-19 09:28:06 | http://blog.gadzoom.net/wp-includes/g0/ | Offline | emotet, epoch1, exe, heodo | Cryptolaemus1

The table below shows recent payloads delivered by this host.
