URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-08-13 20:43:01	172.233.219.78	viridian03.parklogic.com	Not listed	AS63949 AKAMAI-LINODE-AP	US	no
2025-08-13 20:43:01	172.233.219.123	viridian02.parklogic.com	Not listed	AS63949 AKAMAI-LINODE-AP	US	no
2025-08-13 20:43:01	172.233.219.49	viridian01.parklogic.com	Not listed	AS63949 AKAMAI-LINODE-AP	US	no
2025-08-13 20:43:01	172.237.146.25	viridian06.parklogic.com	Not listed	AS63949 AKAMAI-LINODE-AP	US	no
2025-08-13 20:43:01	172.237.146.38	viridian04.parklogic.com	Not listed	AS63949 AKAMAI-LINODE-AP	US	no
2025-08-13 20:43:01	172.237.146.8	viridian05.parklogic.com	Not listed	AS63949 AKAMAI-LINODE-AP	US	no
2025-08-10 09:27:31	69.16.231.60	lb04.parklogic.com	Not listed	AS32244 LIQUIDWEB	US	no
2025-05-20 02:11:25	154.218.36.189		Not listed	AS35916 MULTA-ASN1	SC	no
2022-07-05 17:26:59	82.180.175.130		Not listed	AS47583 AS-HOSTINGER	US	no
2022-03-29 09:32:28	168.197.51.146	sd-1418229-l.dattaweb.com	Not listed	AS27823 Dattatec.com	AR	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-03-29 09:32:28	http://funestotal.com/5aclo1em/21U/	Offline	dll emotet epoch4 heodo	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2022-03-29 10:50:21	f6c5101956bb89ae413354e00f73794b6070b4657644de2980fec744e25e464d	dll		Heodo
2022-03-29 09:32:27	7346e4afcb912d4ba4bce995abf5c90e38d07086d5a1871e43525144e9a5b022	dll		Heodo