URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	zonozono.net
Domain registrar:	GMO Internet
Domain registration date:	2020-02-10 14:45:01 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2022-01-11 21:13:06 UTC
Total malware sites :	2
Online malware sites :	0 (0%)
Offline Malware sites :	2 (100%)
A record(s) observed :	4

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-10-22 05:35:59	133.125.148.24	ik10013.mixhost.jp	Not listed	AS7684 MAINT-JPNIC	JP	yes
2025-04-28 13:16:50	138.2.21.2	ty10015.mixhost.jp	Not listed	AS31898 ORACLE-BMC-31898	JP	no
2023-02-11 08:05:05	72.52.178.23	lb01.parklogic.com	Not listed	AS32244 LIQUIDWEB	US	no
2022-01-11 21:13:09	163.44.187.147	www16.onamae.ne.jp	Not listed	AS7506 MAINT-JPNIC	JP	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-01-11 21:14:06	https://zonozono.net/egzjsu/872172750/	Offline	emotet epoch5 redir-doc xls	waga_tw
2022-01-11 21:13:09	https://zonozono.net/egzjsu/872172750/?i=1	Offline	doc emotet epoch5 heodo	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2022-01-12 05:05:36	532169af0239d3f90afefe58a433bda8070dd51a49fe6bf22ab3a8e365c5d58b	xlsm		Heodo
2022-01-12 04:33:39	c3fa8b9cc4ef363ee4e4c3a85b6c193d7c5fbe880eeb049cf36feba33777ade3	xlsm		Heodo
2022-01-12 04:06:34	f0b23646f26a31d99e6155652f24a0a4bf5706510d4cba8a7580b39fef731cee	xlsm		Heodo
2022-01-12 03:37:50	f3d1334b346c1bab22c541a6fb05cb2f0bcbfe8ba5a055d111b1c05505d5baff	xlsm		Heodo
2022-01-12 03:13:18	599ee297e7f0005588a3ec6437b689e5c4d2c07be1d974d3b0011f4cd1b5cc15	xlsm		Heodo
2022-01-12 02:41:27	c42c6b271090675b57d6970aa659e468606dac00d39875f1dd85f57a9f203654	xlsm		Heodo
2022-01-12 02:16:22	dd8a4718b16ebd639c4622884cc34f8f052f1655e71421c5bdc10898ffcd9c83	xlsm		Heodo
2022-01-12 01:43:50	18bb9fc6b0ed30350713c8e1f45feb512e0120b4fd7c052c74811b300fd597cf	xlsm		Heodo
2022-01-12 01:18:38	663ca3b8545e4e02572b5d348a1f77c7ef30d1810e8adbe25dd699b2cfb1792f	xlsm		Heodo
2022-01-12 00:56:46	b34e6de4f7fc9427651923dbdfab0c34ff83e99f9d44a4bfea838e1b4e59907f	xlsm		Heodo
2022-01-12 00:38:18	978af74bf15d2a91d89790b36c10deb099346510e755e8915883f43401b3fe10	xlsm		Heodo
2022-01-12 00:14:25	d193efb518a026a5507a4bb6bc168c2f7922c39ce1bb8fd5553512152cc2b88d	xlsm		Heodo
2022-01-11 23:49:35	d3e6a6a97ad6e4f79e73386e88cddd5b958d0f8745c551837dd366b929671704	xlsm		Heodo
2022-01-11 23:22:45	427080f3d4da3ec0746fc297c0a922b5212a53ae04504f5efd17ff4f9208c662	xlsm		Heodo
2022-01-11 23:11:40	6ec9e504112744f9f07ce60fb9315cdcd427d27a16c248fbe9746477bfc851af	xlsm		Heodo
2022-01-11 22:39:51	aa920a2c74b8982c5dd77f97f0dd2d6c7fd69f047983447d6ae43cdf1573b07d	xlsm		Heodo
2022-01-11 22:15:21	b8662d7aff6b2489b65fd6ddc022a5a87c6adb0e1ed1f0286ccd80c0bc11471f	xlsm		Heodo
2022-01-11 21:40:20	8ad61be673c186c9cdfb6c6c8d750fbcf80f920d4905742c0ed9d67833026ed7	xlsm		Heodo
2022-01-11 21:35:07	1fb26076eddbafe302c58865710a2c4ccce753f2019b0821c786fe3feb758b25	xlsm		Heodo
2022-01-11 21:14:06	488bac34467861a94c817c5b5e1d2678663e96c7da4209eb89f2560d6233e71d	html
2022-01-11 21:13:08	9c950eae8d1a85bbe22f50c1af49c29fb147e24c0b3ef2a16c04ff1894dded14	xlsm		Heodo