URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	legion.com.pk
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2020-12-22 12:45:03 UTC
Total malware sites :	1
A record(s) observed :	3

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-04-29 13:58:05	199.188.201.179	business58-2.web-hosting.com	Not listed	AS22612 NAMECHEAP-NET	US	yes
2021-01-18 21:14:41	66.96.147.106	106.147.96.66.static.eigbox.net	Not listed	AS29873 BIZLAND-SD	US	no
2020-12-22 12:45:07	66.96.149.31	31.149.96.66.static.eigbox.net	Not listed	AS29873 BIZLAND-SD	US	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2020-12-22 12:45:07	https://legion.com.pk/__MACOSX/pT3h/	Offline	emotet epoch2 exe heodo	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2020-12-22 21:21:57	40b2276b5f2e54f945aacbc8eec699b0bc7aeccec109305d33d600b96dad5464	dll	Heodo
2020-12-22 21:06:41	fe0b2695942accca37445aa3e6545e85b68ae4daad46ccbad20239d50d8a073e	dll	Heodo
2020-12-22 20:55:23	cb2183060c6b48cc7538ddb4ea5223e6d74576179cf20b87ded4dae867822565	dll	Heodo
2020-12-22 20:32:31	a6bca1c82c49ab44fee2db8b5052e05a507af1bbad94f58a73cf558ab7d5b36e	dll	Heodo
2020-12-22 20:19:02	bca150bd60780f63698ed16efe5d885ce01d914696669f606f2a193edfe202c1	dll	Heodo
2020-12-22 19:58:19	9f0d5b65d77f6c919636443b10370bf940890017a923d3252a5b9fedf2ba7767	dll	Heodo
2020-12-22 19:52:19	f4ede79d7ca3d2ac114b6b304da315b14d5322c8dccb2e4c158265dd6e6fa463	dll	Heodo
2020-12-22 19:27:56	42347ece3986b8ece2fce05ab05feeae150fdc88d40944eed61b6b3c35e2a696	dll	Heodo
2020-12-22 19:10:05	bdeb2c7ddebefa92ebfbda70f9de9643e3245e1cf4bc087e938be02aca13a3fb	dll	Heodo
2020-12-22 18:53:08	b9ba14be0fe830210289d9fdc2b083bcb8a4dcf056717a454889cf91efe9dd6d	dll	Heodo
2020-12-22 18:46:46	e336d7cdc6ac462146fdcc741850ff092b2eedefd90e7a14c468542bff9fc41e	dll	Heodo
2020-12-22 18:26:11	92f2db9df9429589a07b0600c19b353ca393d4aeabf33e3699c873ce4acd9906	dll	Heodo
2020-12-22 18:04:59	9712af0fa9920d38b8062e2dd199c29664f647534fe65566c54c8cdc42e58de2	dll	Heodo
2020-12-22 17:49:24	4890a9dcd00608537b8b50669b1fc2a2a29e71056f0bae4d0cd4b0782b6ec9bd	dll	Heodo
2020-12-22 17:33:47	c79726a36b8426265465faa8ff15d024a932c836457f583d3421aabf465e4500	dll	Heodo
2020-12-22 17:14:34	5085e7cd7ea308adf38d095a32206c4e66fa2fd5faa6ccf8845aa3b08c8d3d46	dll	Heodo
2020-12-22 16:27:38	fde242df421ba254c475a960ce92d7eaadc4dd3f55a5bcafb77e6d79da7a24a1	dll	Heodo
2020-12-22 15:52:47	14fbf21b4dae36e7aa8b60d1abe4f46dcd5bebc8ecdc42db5a1bae688de8c189	dll	Heodo
2020-12-22 15:27:54	52a94bcb0365183ab2d4722002673d5d1867a7e375cf3bd2978489f0d4ad986c	dll	Heodo
2020-12-22 15:00:09	653c6b6f0f83950660be5b44516901b7950f60680e89c51ce8de050ec394dd16	dll	Heodo
2020-12-22 14:30:52	49742453d054e78f93b9fe33661029a0551a59dbbe1703685c08f92774df6e04	dll	Heodo
2020-12-22 13:46:47	217255141916470a566a7bce1a8eecac051896268415b59c73ebe0481c31ff0b	dll	Heodo
2020-12-22 13:36:11	ae1e8a33f7f1d418d3c98b541e93e6bbcd457b238bda606a0bcaec5469cb2456	dll	Heodo
2020-12-22 13:22:22	27beb99c5d74056c04b117b1fa28fc26a7a11c238a06348c7eb75011eef53ac9	dll	Heodo
2020-12-22 13:08:46	18cf53e4dadbfe6b37d0f7214bc093d5e2541c8cc87681bd3964a61fcb8275be	dll	Heodo
2020-12-22 12:45:06	3a16361548e0e37ce25163437dc59dc7134d8a1b06c0e88e7f3a74c0314a17e7	dll	Heodo