URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	servilogic.net
Domain registrar:	Google
Domain registration date:	2018-02-24 15:07:36 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2022-02-09 16:37:03 UTC
Total malware sites :	1
A record(s) observed :	10

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2022-09-21 01:46:47	190.128.235.82	mail.servilogic.net	Not listed	AS23201 Telecel_S.A.	PY	yes
2022-03-12 17:32:31	216.239.32.21	any-in-2015.1e100.net	Not listed	AS15169 GOOGLE	US	no
2022-03-12 17:32:31	216.239.34.21	any-in-2215.1e100.net	Not listed	AS15169 GOOGLE	US	no
2022-03-12 17:32:31	216.239.36.21	any-in-2415.1e100.net	Not listed	AS15169 GOOGLE	US	no
2022-03-12 17:32:31	216.239.38.21	any-in-2615.1e100.net	Not listed	AS15169 GOOGLE	US	no
2022-08-06 12:01:53	181.120.190.203	mail.servilogic.net	Not listed	AS23201 Telecel_S.A.	PY	no
2022-07-16 15:27:04	181.120.136.229	static-229-136-120-181.telecel.com.py	Not listed	AS23201 Telecel_S.A.	PY	no
2022-04-09 03:30:48	181.120.191.15	mail.servilogic.net	Not listed	AS23201 Telecel_S.A.	PY	no
2022-02-09 16:37:07	104.21.4.165		Not listed	AS13335 CLOUDFLARENET	n/a	no
2022-02-09 16:37:07	172.67.132.68		Not listed	AS13335 CLOUDFLARENET	n/a	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-02-09 16:37:07	https://servilogic.net/b/14hqrdyP0Z3WsbQib8/	Offline	dll emotet epoch5 heodo	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2022-02-10 02:18:40	31eebc627290fefb1a4c492ea4fb4992d852d694837a4f162789a2a2b1477412	dll		Heodo
2022-02-10 01:22:16	cf4ef64831088b0c4b2d22247eb0dd5ff56d2940b53c83e2a65ee255d4a5ca80	dll		Heodo
2022-02-10 00:24:26	5506ae5a2fd5c578e16733142619ea6a041555ab95fe29c3de331fbba3376e5a	dll		Heodo
2022-02-09 23:29:48	3da28544f9294db2b95f428132f848d8d907baebf49d3c6dead3c13d9907f1d1	dll		Heodo
2022-02-09 21:42:34	34cfac5098251eb3210dea3cdd6bf508d8cbecfcfc35daea8d34839a16585e9f	dll		Heodo
2022-02-09 21:36:12	b33dcfff14956d2d19c147ba73d1b36e368c09b8b2e6412bb91e59d470e2fdb4	dll		Heodo
2022-02-09 20:31:53	625b03c944ffade8ea99a39e912911bb4430c6af8a4e5fb747c2858b2a78650e	dll		Heodo
2022-02-09 20:22:44	17a799e770686f1ce4a2cf9bb8dc52cb0055230fab1182c01b10f29f605333d2	dll		Heodo
2022-02-09 16:37:07	3486b2c85f7a0f66d2939738ba6b0e041c8856ba6ad314f2e8822699d4427b84	dll		Heodo