URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry


Host: deepfreedom.org
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Control D HaGeZi :Not blocked
Firstseen:2020-11-19 13:11:03 UTC
Total malware sites :1
A record(s) observed :17

IP addresses


The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2025-11-24 11:56:13 172.234.24.211k8s-svc-lander-02.us-ord.parklogic.netNot listedAS63949 AKAMAI-LINODE-AP- USyes
2025-11-24 11:56:13 172.239.57.117k8s-svc-lander-01.us-ord.parklogic.netNot listedAS63949 AKAMAI-LINODE-AP- USyes
2025-11-01 05:35:13 172.236.126.142172-236-126-142.ip.linodeusercontent.comNot listedAS63949 AKAMAI-LINODE-AP- USno
2025-11-01 05:35:13 172.236.126.234172-236-126-234.ip.linodeusercontent.comNot listedAS63949 AKAMAI-LINODE-AP- USno
2025-11-01 05:35:13 172.236.126.145172-236-126-145.ip.linodeusercontent.comNot listedAS63949 AKAMAI-LINODE-AP- USno
2025-11-01 05:35:13 172.236.126.225172-236-126-225.ip.linodeusercontent.comNot listedAS63949 AKAMAI-LINODE-AP- USno
2025-04-27 15:23:53 188.114.96.3Not listedAS13335 CLOUDFLARENETn/ano
2025-04-27 15:23:53 188.114.97.3Not listedAS13335 CLOUDFLARENETn/ano
2025-05-04 19:42:36 104.21.75.137Not listedAS13335 CLOUDFLARENETn/ano
2025-05-04 19:42:36 172.67.177.118Not listedAS13335 CLOUDFLARENETn/ano

Malware URLs


The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2020-11-19 13:11:05http://deepfreedom.org/qz0h69.pdfOfflineDridex ext JAMESWT_MHT

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2020-11-19 13:11:05745873208ce43a3b250f1dab6bb43f6cf1aeff3a8d5b6da890b5cfe865b35455dllDridex