URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: co-legacy.com
Domain registrar:GoDaddy -
Domain registration date:2009-03-13 12:51:23 UTC
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Control D HaGeZi :Not blocked
Firstseen:2019-04-02 21:00:22 UTC
Total malware sites :2
Online malware sites :0 (0%)
Offline Malware sites :2 (100%)
A record(s) observed :8

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2025-04-27 17:54:53 104.21.37.239Not listedAS13335 CLOUDFLARENETn/ano
2025-04-27 17:54:54 172.67.215.130Not listedAS13335 CLOUDFLARENETn/ano
2025-06-30 16:38:20 155.138.195.218155.138.195.218.vultrusercontent.comNot listedAS20473 AS-VULTR- USno
2025-06-28 06:04:22 72.202.235.117wsip-72-202-235-117.lv.lv.cox.netNot listedAS22773 ASN-CXA-ALL-CCI-22773-RDC- USno
2025-06-18 19:59:41 15.197.225.128aec037177372cc6cd.awsglobalaccelerator.comNot listedAS16509 AMAZON-02- USno
2025-06-18 19:59:41 3.33.251.168aec037177372cc6cd.awsglobalaccelerator.comNot listedAS16509 AMAZON-02- USno
2023-05-16 13:14:38 72.167.68.184184.68.167.72.host.secureserver.netNot listedAS398101 GO-DADDY-COM-LLC- USno
2019-04-02 21:00:25 192.232.249.199192-232-249-199.unifiedlayer.comNot listedAS46606 UNIFIEDLAYER-AS-1- USno

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2023-05-16 13:14:38https://co-legacy.com/oao/?1OfflineBB28 geofenced js Qakbot ext Quakbot ext USA Cryptolaemus1
2019-04-02 21:00:25http://co-legacy.com/wp-includes/sec.accounts.r...Offlineemotet ext epoch1 heodo ext Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2023-05-18 18:53:4451ffefa8a10b6da720a80cec4735fe173669e7c974946e46c8dda908e824d8a4js 
2023-05-18 16:42:18c74cf0cb7927a8438a84c9cedbdbab3e4815550813336043f39674a67b6a021ajs  
2023-05-18 14:07:59296869c2b26b38f807c0445c68331a28b67be3de34638012c7ac373d583dc562js  
2023-05-18 13:35:44b4a90889250c70642150c7b822ece35979290cb3664a5f778ccb8195b4c440ecjs Quakbot
2023-05-18 13:14:288aa9df652c080c1ab6754cea7be1a61ae330512a5ddbc9af51177cbeb20da8e4js Quakbot
2023-05-18 10:14:03a4d5af2c7491cf9e8c6fc213f49572749af1f591ad0e453bfc3770dd17d884dfjs Quakbot
2023-05-18 08:28:3464dff88a0434f88beb3fac1ad7fb2945b374f90e6ee2ee7322665681b945e790js Quakbot
2023-05-18 07:23:476f1a5f81c661643e1367ba7f42de50ede7d8841c0eb4bd7e13f5922b8a539766js Quakbot
2023-05-18 05:39:149be436ae8d8612af572358c0394b27e9c751e6f50b2597c2b7ae636e99088255js  
2023-05-18 02:56:038fe6b80c39f345411e663560d164edb44cbf0ad7ba4914ba79f02bb403348f27js Quakbot
2023-05-18 02:37:215195290a6bfe72d1709c08345d0210181ab60e363339796ef44c05a17d9c03dajs  
2023-05-17 23:18:118ef706183443d30910cb1d411aa36e657e86119ff849b6a9edef4125b752bb92js Quakbot
2023-05-17 22:24:39749721b74088db119de7bccbe5cea0c9486f42bb570461ff262c5ed324b4ca16js  
2023-05-17 20:13:444a2d1d02742e1dbb3fdee1d9ff6862a5a45e7920404df24a06740007d4b653d5js Quakbot
2023-05-17 19:03:3781d46bf6cc71d927906bc2a9ae29103ed6a1d3f01599e9736dd016267c874521js Quakbot
2023-05-17 17:10:5626a9ccdd2cb5bd68aea8b06532a4945f8f6585f5ee8e03fd64c7dd7ba9bde535js Quakbot
2023-05-17 15:30:223e80a8823bae07e1aca749a62a6da2c57f0f80ebb6d4a8cd1be2ea749d3af45cjs Quakbot
2023-05-17 15:07:172148fe2b647b8aa1006957e65de07d42e631ced18a21aa3d1aef1ad5d22ffae2js Quakbot
2023-05-17 12:28:57dd49f4bd134e3d669ea1daeb866bffdb27dd69e46b07dfc3b04758e718b40700js Quakbot
2023-05-17 10:26:071058953ca9ef03d67eefffa431b2998050b70e4e271a7ff578b9fc99ec97a42ajs Quakbot
2023-05-17 08:43:02a5ad4dc55d28926ad256e94e8f66800b891da299d211acd5ce2f859aa4593726js Quakbot
2023-05-17 07:34:5066280b24506c04bf528b4d17a99a97d9b76cc6c89e4ee6201ccd81e1a26d4c36js Quakbot
2023-05-17 06:12:065002cc0cb375025b869d05ed54899ff29268730d46a147a76bd5228e939a15fdjs Quakbot
2023-05-17 02:44:5106547c39200c2ca8e39196694ffb8736a6635d92e9e7c1c9d9c9d4f7e5538e67js Quakbot
2023-05-17 01:04:28ab1829adf96917a725c73905806e92fe83ebc202648947188d5ca48d0dee34a2js  
2023-05-16 23:07:413116cd147019ea58f2c9fc79ef8466fa337d887bcb841cadb01f815a532024b2js Quakbot
2023-05-16 22:29:54a536903cebee6ba21a424c70acb896dcc37b18277ade0961cfacfab1578aa590js Quakbot
2023-05-16 20:24:575dd0fac13c985735b06d124d9e3a5a55393b3c1a11003de17ece33ea6b4e7e5cjs  
2023-05-16 18:24:4066176a21203c5a4da1f9ee4950a2508085c3220f0c9ebe8aa96412bbff323915js Quakbot
2023-05-16 16:16:4249dc2047d1ee99a6eccbed14100137fa59537a9f371b359aefdc586fe31731a5js Quakbot
2023-05-16 15:19:13b455f08145a9473601d2d5750034786d98ea9acf9d1259e0276952c488e24396js  
2023-05-16 15:16:30e01f13e0ba2af18ea43fc0ca809ed3f46f390a9a4f0de93e9076f5de7dcc7e8ejs Quakbot
2023-05-16 13:14:389ab21b1634088b602407046e4cb39c7c10ac6a873c23563aa084403d88f5f9a1js Quakbot
2019-04-03 08:00:16ee8dc441596b37f45e1a11fba9247a95cea357dedc6acd0eddf63dbed747c9cfdoc Heodo
2019-04-03 07:37:159bcdf8f1ef2d23e421e68ec60b405c4bbaa77b89e0ecb3dc2c58b727a7f51933doc Heodo
2019-04-03 07:05:14f675f1b5d8d2f817401b38a208f1cfdd255fc96854b613703b427170ff3a4d62doc Heodo
2019-04-03 06:41:129c28d2b54cc9c5542cf08ceb82838e30a4285ab4a927c9e184fc1a6806d8925adoc Heodo
2019-04-03 05:08:08bbe81ad0327f03f35ae1345795c61e2b725e275dadcd84bfca0efbe3fb37a772doc Heodo
2019-04-03 04:16:135151fb7aec67ade6838e6bcdf2b90d8ff349e225c4202534b81129e2d43b9500doc Heodo
2019-04-03 03:30:10d38a5dcf8157badd948c4b633cc3c96be182b1e3966e22768b1c50d9313307f4doc Heodo
2019-04-03 03:07:106969d147438848f98bf4d55ede9a9e822055edcf9e3366c3420b83d365f0dc74doc Heodo
2019-04-03 01:51:20982ceb7f898200836f847b10d81ee7faff43d103248981b66effc3e2ddc44d54doc Heodo
2019-04-03 01:28:08da723897bf490193511b89fabd65f2c80a746afd15a92b0a0ce5500d174198c5doc Heodo
2019-04-03 00:57:10b04d811c669288b47d71ed7140fa92ec6fedfd828dabeda508e30e6b02373d2cdoc Heodo
2019-04-03 00:34:121bbee951c39bd4fe6c34dda1d615b86564b100c105d334ad7bef9b48c6b3575adoc Heodo
2019-04-03 00:11:179f1d9a160c52ae086aa022d81a79efbc507d2b3eacbe6b7d8266b28d5c9afb18doc Heodo
2019-04-02 23:48:15be79c4427d6b7c050ec4a350dfab38238379706dceeb7efdc2dd7c246aa6661ddoc Heodo
2019-04-02 23:22:111e360c20dc040640807c1c84c439030d4a27c3e434bbfdf6f5ab5bacfbb6c353doc Heodo
2019-04-02 22:57:162a80e79117ec8b828d768ebccafbf64d4ec2c876d8cfe1bb7a8c07006764e9b8doc Heodo
2019-04-02 22:33:13b617f7b321c180d7ebf7dae416c8c95d44c315f2d42665572f538c183ed3af1edoc Heodo
2019-04-02 22:02:1606db63774447c6e612358d5ac55d6528288c6d84f9b840a9d512b7e5f5d19a04doc Heodo
2019-04-02 21:35:16794c7c25c8801298d45c2e08d711dfae269f9906c2f4dc52d6808eb3a13b9e6fdoc Heodo
2019-04-02 21:00:24afa7a1626e4b444e1f9614544924914f07581e56bb2def0653a3e69895e7d985doc Heodo