URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: march262020.com
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Blocked
ProtonDNS :Not blocked
OpenBLD :Blocked
DNS4EU :Blocked
Control D HaGeZi :Not blocked
Firstseen:2020-04-09 06:59:03 UTC
Total malware sites :1
A record(s) observed :4

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2025-04-27 15:02:37 52.43.119.120ec2-52-43-119-120.us-west-2.compute.amazonaws.comNot listedAS16509 AMAZON-02- USyes
2020-04-12 06:19:36 5.53.124.110pstokf2.loopstokf.buzzNot listedAS49505 SELECTEL- RUno
2020-04-09 13:16:33 47.254.169.119Not listedAS45102 ALIBABA-CN-NET- DEno
2020-04-09 06:59:05 49.51.153.218Not listedAS132203 TENCENT-NET-AP-CN- DEno

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2020-04-09 06:59:05http://march262020.com/files/april8.dllOfflinedll terdot ext ZLoader ext Jouliok

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2020-04-09 18:24:17e3c48c72d0d090ac01bff8bf6d54c08a6fedcda2e527d424d6f64a70016d2ba6exe  
2020-04-09 15:02:22e4601ce15ad7bca4617ad033f129a5d507f8e55b979c97a78cf31a6f501cb046exeZLoader
2020-04-09 13:38:09c44e8d9dba3b4a4cc835b460e69d336347fd3fbfb67621d7cd6e8723976607ceexeZLoader
2020-04-09 10:19:15f27183fd7586c6eaca1f6aaed3a7c3c6e52894e23b9656c3953318a85bbbec5dexeZLoader
2020-04-09 06:59:0569b37a5b3044cb14a9fc32440212f242e52f657b93306f4b90cccc3087ed4773exeZLoader