URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: school.zlygu.com
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Control D HaGeZi :Not blocked
Firstseen:2020-08-11 23:51:03 UTC
Total malware sites :1
A record(s) observed :1

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2020-08-11 23:51:05 103.120.225.186Not listedAS4837 CHINA169-Backbone- CNyes

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2020-08-11 23:51:05http://school.zlygu.com/otlnqvvai/730016710/Offlinedoc emotet ext epoch2 heodo ext spamhaus

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2020-08-12 16:43:42f3852c9ccc8a88f0f18abfd98b52f67f59980f1ddd97da7743a4bf6c7fe900f9docHeodo
2020-08-12 16:25:33c8a786dc04983454baecf5cf019aca018b4616625ced2d911f1ef8ae0f350b92docHeodo
2020-08-12 15:54:2525263694227734da43c741c2d09b0f0aceb8cb2d9488378a2ea765c6c19be594docHeodo
2020-08-12 14:22:02769fdcbb9c76ec8717df97f8ef25652a090e9a258c87f715f28b8c87fb921e35docHeodo
2020-08-12 14:05:282c99381fa134d8121f52b07a62cf94574cd977c2662a4087f18b2f5960370005docHeodo
2020-08-12 13:45:13801b894083a28702abb0010b0d8c0fdbdb840c5ca75143f0b3651ffcd9f4733cdocHeodo
2020-08-12 12:14:068133ad23a95674ac43c254256076e1571b6ac10c7fa712df1a0a3fc9054f2093docHeodo
2020-08-12 10:46:24e9b11c739e5d0a771cb4efdc41e3d084460fa975e42a309294ab185eb2836728docHeodo
2020-08-12 10:20:4323be0779d59df875485b237b812b0b7d7c4d53c41dd57cc961cfa570bf09eef4docHeodo
2020-08-12 09:59:519ec7ef1bc0701307cd1c1ddc9a252a989e724abc0705fec55d8bceefc7ffd087docHeodo
2020-08-12 09:30:4014967b4d7ed265d47e03452c19a7c3d048828bfe37abacf2f56782e7eeeeab23docHeodo
2020-08-12 09:05:510f87f594b33d4d92a3b56974f9073f6152c33ada49796983d355434e36b5bc71docHeodo
2020-08-12 08:30:4475ef3d95b4977d636664bda5c6cd5f0444ecc1ca7d0753f424bfe829474fa330docHeodo
2020-08-12 08:12:54a56d5701d53cd34f450eb0a957c6f5c0716a835bc9c9070e315e22f71889b72bdocHeodo
2020-08-12 07:51:53214f91b9b3ab2ea28b14536241901516f9141df4e12fd3b2ce52088fef0a3734docHeodo
2020-08-12 07:29:47fe14ae5d76ac1ccafc67f474efe315000dadae344444a44c9200e04e94ebbdaddocHeodo
2020-08-12 06:44:51025046a10693eb1c9dca8e64fa2dc55f1ba16ff9c6650493205e2c3af827e1dcdocHeodo
2020-08-12 06:00:368e22bd7e1069b711e14984376aa66b7994d91748a87570e44d30cc4437ab8f79docHeodo
2020-08-12 05:46:14c978e204a4343d19a9b1df57379618a391455fe0f0fd17e49fcb670670c4241cdocHeodo
2020-08-12 05:25:506f973501cc2dece992aa2f959f8e352e424e96f06abb300b4bed8bcf2ab4bf34docHeodo
2020-08-12 05:10:09035f407beebfa56f402f686f6bf72e0217cf4d4b06106b1dcb3877e1167fdfd7docHeodo
2020-08-12 04:50:35f9f228e552c3971983d4b5909776c052df083b9b41f65f764ceba0dc9d6219e7docHeodo
2020-08-12 04:32:00e95c19b3173d0c69d60efb950859b2ffd3020235efd6c47ffebddf950a0edf52docHeodo
2020-08-12 04:16:2029a8f854081e5f20b6709851863472cd33a1863fbed4867153edf6fcc5e86dc8docHeodo
2020-08-12 02:45:287575d9ebd2153fdfbf4c1626ec4769e8cdef40ea8e2990670f1cc5cba71a2e7edocHeodo
2020-08-12 02:29:494c3eddd6a41f348b80609e91f83e3a9e22818758105ce3db1de70777baeae682docHeodo
2020-08-12 00:59:01358176ae69d49cbdc29ce5f8965efe9952253949970d9de4e8f09f46c488e6ecdocHeodo
2020-08-12 00:43:385d38e73c8e461773d7bd09fd69760d3e0335e51cd3df39676a4c2af22343c43cdocHeodo
2020-08-12 00:30:40f5e067c9ce4ac6b6dca42fbb099d867e403cc3e6590dbe9d8650b588cbb48637docHeodo
2020-08-11 23:51:053c0599ae858031c0c75fd5b106521b3cfa425e17c517704b6211b3e231680fbcdocHeodo