URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	cancer.educandome.co
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2021-01-27 14:22:26 UTC
Total malware sites :	2
Online malware sites :	0 (0%)
Offline Malware sites :	2 (100%)
A record(s) observed :	57

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-09-05 00:23:42	174.129.73.73	ec2-174-129-73-73.compute-1.amazonaws.com	Not listed	AS14618 AMAZON-AES	US	no
2025-09-05 00:23:42	3.209.190.230	ec2-3-209-190-230.compute-1.amazonaws.com	Not listed	AS16509 AMAZON-02	US	no
2025-09-02 17:41:41	13.219.46.100	ec2-13-219-46-100.compute-1.amazonaws.com	Not listed	AS14618 AMAZON-AES	US	no
2025-08-31 10:27:26	54.210.57.192	ec2-54-210-57-192.compute-1.amazonaws.com	Not listed	AS16509 AMAZON-02	US	no
2025-09-01 06:43:05	44.208.56.180	ec2-44-208-56-180.compute-1.amazonaws.com	Not listed	AS16509 AMAZON-02	US	no
2025-09-01 06:43:05	52.54.64.36	ec2-52-54-64-36.compute-1.amazonaws.com	Not listed	AS16509 AMAZON-02	US	no
2025-08-30 00:44:17	13.223.131.22	ec2-13-223-131-22.compute-1.amazonaws.com	Not listed	AS14618 AMAZON-AES	US	no
2025-08-26 20:36:26	23.21.90.51	ec2-23-21-90-51.compute-1.amazonaws.com	Not listed	AS14618 AMAZON-AES	US	no
2025-08-26 20:36:26	34.237.20.54	ec2-34-237-20-54.compute-1.amazonaws.com	Not listed	AS16509 AMAZON-02	US	no
2025-08-11 21:02:08	54.164.204.90	ec2-54-164-204-90.compute-1.amazonaws.com	Not listed	AS14618 AMAZON-AES	US	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2021-01-27 21:03:07	https://cancer.educandome.co/hwemy2gf.zip	Offline	Dridex	Cryptolaemus1
2021-01-27 14:22:30	https://cancer.educandome.co/hwzemy2gf.zip	Offline	Dridex	stoerchl

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2021-01-28 15:25:32	d38482b2ee3862fb7d2823365820cad52050abb419dae03bde2cf75f5af607f6	dll	Dridex
2021-01-28 06:38:50	7a200360163701a899ef12510b1bfb5a88bb904800e8cf8c687ca2a5a36247dd	dll	Dridex
2021-01-27 20:40:14	661fd79c0129401947b43d2212f5156616dc88e7d38f8b65499e6e0f0b93e39e	dll	Dridex
2021-01-27 18:33:13	5fc8b21e4976f8210d3b9ab1f9400a0fcabd720f1c3611147daa72e9a8e5624a	dll	Dridex
2021-01-27 16:44:49	c1e0d19ecd4192e14ebd8c41073207c881b7104a68e30469821464a726f93be7	dll	Dridex
2021-01-27 16:12:38	f041b82e41b611dde1546e9204cd200d84de265a4c314760176d0a92792231db	dll	Dridex
2021-01-27 15:23:48	ee0d0cdb50a25529043244c035bafe10936194d268ebcce2cd55387e3491ba5d	dll	Dridex
2021-01-27 14:22:29	930f3adbd388e4a5f4c86aa854cbf317ed09aefd7798e3a0e5fb6c88032bbc9f	dll	Dridex