URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | data.yhydl.com |
|---|---|
| Domain registrar: | Xin Net  |
| Domain registration date: | 2013-11-14 02:48:39 UTC |
| Spamhaus DBL : | Abused domain (malware) |
| SURBL : | Blocked |
| Quad9 : | Blocked |
| AdGuard : | Blocked |
| Cloudflare : | Blocked |
| ProtonDNS : | Blocked |
| OpenBLD : | Blocked |
| DNS4EU : | Not blocked |
| Control D HaGeZi : | Not blocked |
| Firstseen: | 2024-10-15 17:17:04 UTC |
| Total malware sites : | 4 |
| Online malware sites : | 3 (75%) |
| Offline Malware sites : | 1 (25%) |
| Newest active malware site : | 2024-10-15 17:18:11 UTC |
| Oldest active malware site : | 2024-10-15 17:17:47 UTC (Age: 1 year, 7 month, 19 days, 1 hours, 55 minutes) |
| A record(s) observed : | 1 |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2024-10-15 17:17:47 | 112.5.156.15 | Not listed | AS9808 CHINAMOBILE-CN | CN | yes |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2024-10-15 17:18:11 | http://data.yhydl.com:20006/file/XWGL/XW_XXGL.exe | Online | exe |  abus3reports |
| 2024-10-15 17:17:47 | http://data.yhydl.com:20006/file/XW_Setup.exe | Online | exe | abus3reports |
| 2024-10-15 17:17:47 | http://data.yhydl.com:20006/file/YHY_Setup.exe | Online | exe | abus3reports |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2025-04-23 00:31:09 | 34d063069b5125dc5802ad52aafcdd7b196c5c141949e5b5037fb474f50c5ca9 | exe | ||
| 2024-10-15 17:20:23 | 3608630976dffeff302ae58a70f03c2423b846ee289ee039573b5dc590cca7fd | exe | Socks5Systemz | |
| 2024-10-15 17:18:10 | 71709da5b09cb66e0c2e3558dfaf51506212a562180a5c2060dfe7a1306cc774 | exe | ||
| 2024-10-15 17:17:44 | b3d75355c374e53960d22d6c5f1f929731a6aff79d841ffcd61834e69f3e528e | exe | ||
| 2024-10-15 17:17:43 | cf87fa791fbe7104f0ce6846b3c5b77677a80536735e3173cb59e9ea3a7c71cc | exe |