URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | potrethukum.com |
|---|---|
| Spamhaus DBL : | Not blocked |
| SURBL : | Not blocked |
| Quad9 : | Status unknown |
| AdGuard : | Blocked |
| Cloudflare : | Blocked |
| ProtonDNS : | Status unknown |
| OpenBLD : | Blocked |
| DNS4EU : | Blocked |
| Control D HaGeZi : | Not blocked |
| Firstseen: | 2019-04-11 22:00:05 UTC |
| Total malware sites : | 5 |
| Online malware sites : | 0 (0%) |
| Offline Malware sites : | 5 (100%) |
| A record(s) observed : | 11 |
IP addresses
The table below shows all IP addresses observed for this particular host (in case the host is a domain name, all A records will be listed, including all historical ones). Please note that the output is limited to 10 entries.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2025-07-25 07:56:36 | 172.233.219.123 | viridian02.parklogic.com | Not listed | AS63949 AKAMAI-LINODE-AP | US | no |
| 2025-07-25 03:39:53 | 172.233.219.49 | viridian01.parklogic.com | Not listed | AS63949 AKAMAI-LINODE-AP | US | no |
| 2025-07-25 07:56:36 | 172.233.219.78 | viridian03.parklogic.com | Not listed | AS63949 AKAMAI-LINODE-AP | US | no |
| 2025-07-25 07:56:36 | 172.237.146.25 | viridian06.parklogic.com | Not listed | AS63949 AKAMAI-LINODE-AP | US | no |
| 2025-07-25 07:56:36 | 172.237.146.38 | viridian04.parklogic.com | Not listed | AS63949 AKAMAI-LINODE-AP | US | no |
| 2025-07-25 07:56:36 | 172.237.146.8 | viridian05.parklogic.com | Not listed | AS63949 AKAMAI-LINODE-AP | US | no |
| 2025-04-27 08:30:59 | 103.147.154.205 | palkia.id.domainesia.com | Not listed | AS138115 IDNIC-DENEVA-AS-ID | ID | no |
| 2019-07-31 15:01:18 | 103.121.122.81 | indo-jkt.nyanhosting.id | Not listed | AS138131 IDNIC-NATANET-AS-ID | ID | no |
| 2019-04-11 22:00:12 | 202.74.238.35 | ip-238-35.jalanet.co.id | Not listed | AS131775 IDNIC-JALANET-AS-ID | ID | no |
| 2025-07-24 19:50:54 | 15.197.240.20 | acf3b736b777428f5.awsglobalaccelerator.com | Not listed | AS16509 AMAZON-02 | US | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2019-04-11 22:26:14 | http://potrethukum.com/wp-content/themes/publis... | Offline | exe Troldesh | |
| 2019-04-11 22:22:07 | http://potrethukum.com/wp-content/themes/publis... | Offline | exe | |
| 2019-04-11 22:17:11 | http://potrethukum.com/wp-content/themes/publis... | Offline | exe Troldesh | |
| 2019-04-11 22:17:07 | http://potrethukum.com/wp-content/themes/publis... | Offline | exe Troldesh | |
| 2019-04-11 22:00:12 | http://potrethukum.com/wp-content/themes/publis... | Offline | exe Troldesh | |
The table below shows recent payloads delivered by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2019-04-11 22:26:14 | 50119da56e84ae4baa207a9391a0143fe5aa66c212aeba08e2d6d864af0a0d83 | exe | | Ransomware.Troldesh |
| 2019-04-11 22:22:07 | ac00db38736f8b064f0d878eea44c13923475186b5135fee2fd6f92522c0699f | exe | | |
| 2019-04-11 22:17:11 | b42b48e0648b78683718152e030fe2971d5bb95105f6e038b69c0c3516c373fc | exe | | Ransomware.Troldesh |
| 2019-04-11 22:17:07 | d5fe31471af8abcd884108fbbfe776c3df6c988a865e401fc83ccbdfe030ed4e | exe | | Ransomware.Troldesh |
| 2019-04-11 22:00:12 | 7701170304fdd48b184aac032391ae3a1f880be6160812d0089049834b3ec828 | exe | | Ransomware.Troldesh |