URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry


Host: ztecom.cn
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Control D HaGeZi: Not blocked
Firstseen: 2020-01-29 17:08:10 UTC
Total malware sites: 1
A record(s) observed: 23

IP addresses


The table below shows all IP addresses observed for this particular host (in case the host is a domain name, all A records will be listed, including all historical ones). Please note that the output is limited to 10 entries.

| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2020-01-29 17:08:14 | 104.18.54.222 | | Not listed | AS13335 CLOUDFLARENET | n/a | no |
| 2020-01-29 17:08:14 | 104.18.55.222 | | Not listed | AS13335 CLOUDFLARENET | n/a | no |
| 2020-04-06 16:34:20 | 106.54.45.136 | | Not listed | AS45090 TENCENT-NET-AP | CN | no |
| 2020-01-31 04:42:08 | 175.24.103.89 | | Not listed | AS45090 TENCENT-NET-AP | CN | no |
| 2020-02-01 07:09:28 | 211.91.160.228 | | Not listed | AS4837 CHINA169-Backbone | CN | no |
| 2020-03-03 23:43:56 | 59.83.204.14 | | Not listed | AS4837 CHINA169-Backbone | CN | no |
| 2020-02-01 07:09:28 | 59.83.204.12 | | Not listed | AS4837 CHINA169-Backbone | CN | no |
| 2020-02-01 07:09:27 | 59.80.39.110 | | Not listed | AS134542 UNICOM-GUIAN | CN | no |
| 2020-02-01 07:09:27 | 43.242.166.88 | | Not listed | AS4837 CHINA169-Backbone | CN | no |
| 2020-02-01 07:09:26 | 221.204.166.70 | 70.166.204.221.adsl-pool.sx.cn | Not listed | AS4837 CHINA169-Backbone | CN | no |

Malware URLs


The table below shows all malware URLs that are associated with this particular host.

| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2020-01-29 17:08:14 | http://ztecom.cn/wp-admin/open_zone/guarded_h0q... | Offline | doc, emotet, epoch1, heodo | Cryptolaemus1 |

The table below shows recent payloads delivered by this host.
