URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	www.duhallow.com
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2020-07-29 10:38:03 UTC
Total malware sites :	5
Online malware sites :	0 (0%)
Offline Malware sites :	5 (100%)
A record(s) observed :	7

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-07-02 08:42:09	34.1.240.127	127.240.1.34.bc.googleusercontent.com	Not listed	AS15169 GOOGLE	NL	yes
2025-04-27 09:04:19	35.214.214.15	15.214.214.35.bc.googleusercontent.com	Not listed	AS15169 GOOGLE	NL	no
2021-01-13 21:53:38	104.21.26.240		Not listed	AS13335 CLOUDFLARENET	n/a	no
2020-07-29 10:38:06	172.67.168.156		Not listed	AS13335 CLOUDFLARENET	n/a	no
2020-07-29 10:38:06	104.28.4.216		Not listed	AS13335 CLOUDFLARENET	NZ	no
2020-07-29 10:38:06	104.28.5.216		Not listed	AS13335 CLOUDFLARENET	NZ	no
2020-09-13 07:55:40	35.214.195.71	71.195.214.35.bc.googleusercontent.com	Not listed	AS15169 GOOGLE	NL	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2020-08-19 17:27:22	http://www.duhallow.com/wp-content/yvu1atyip7814/	Offline	emotet epoch3 exe heodo	Cryptolaemus1
2020-08-12 15:01:34	http://www.duhallow.com/wp-content/0BmNgw0vb6ls...	Offline	emotet epoch3 exe heodo	Cryptolaemus1
2020-08-07 08:25:34	http://www.duhallow.com/wp-content/multifunctio...	Offline	doc emotet epoch1 heodo	spamhaus
2020-07-31 10:43:03	http://www.duhallow.com/wp-content/parts_servic...	Offline	doc emotet epoch2 heodo	spamhaus
2020-07-29 10:38:06	http://www.duhallow.com/wp-content/pm2kX374/	Offline	emotet epoch1 exe heodo	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2020-09-13 12:20:23	1bd696fd84c4bf54a5e5b92e0064534b3e67f2ff37e650039a8ed1023572a48d	exe	Heodo
2020-09-13 12:06:55	ba50483a5407dc7d213263534638c2e4e0445d9d06f977dc496e979beda32f33	doc	Heodo
2020-09-13 12:02:59	c8de6f317f5e229ddc162a89867520de23a899aeff2e4b43a25cc914aba20ea5	exe	Heodo
2020-09-13 08:18:08	ee19babcea4541e4bc9ed06a3547417e720a322f749f4f685f759ede876b0b28	exe	Heodo
2020-09-13 07:55:38	f5671015ad6746cf334bbde3f8310dc831719a74e5432d619f8843e20be44dd0	doc	Heodo
2020-08-19 20:27:02	b93a68ec5ac36b7629311418f1d9064f81eedf99a16c070b4a18bb02166c793f	exe	Heodo
2020-08-19 20:21:23	711b9c0aebc4e22e234df89615a68ff0e4e950e757f0e360b9f4ebf7be25a886	exe	Heodo
2020-08-19 19:51:10	01e04073330942ac4d0c179d8e09b35218d4dbcd9b34dc836a0e655698a9879e	exe	Heodo
2020-08-19 19:33:36	4900f26c3f64b97f21893a64c9c2af2e39400f3d8e5390688539dc09bb0b6a8d	exe	Heodo
2020-08-19 19:15:55	6d9655b8d70a8309d8378092424e167f1fc0b68d606d0e02b06b138d42b85325	exe	Heodo
2020-08-19 18:59:50	a48d4ab03031489a657a977fba8d05d0036c64332ce942b0b51d330188dd02b3	exe	Heodo
2020-08-19 18:45:41	bc43f351e8a5187eb897683adfbbead5ba1c9410121a49f0cc35989116658622	exe	Heodo
2020-08-19 18:31:01	3bae75a10145de186000cb810b810bcd694d9994c7a346b5476afd0526178cec	exe	Heodo
2020-08-19 18:13:05	60c8861a817fa44191c0109f53021babd07d12885b8efe86431223c0390306df	exe	Heodo
2020-08-19 17:58:27	7c0737e7a8356339e0cdef226574173725f330b5855011dfef5f32016062e236	exe	Heodo
2020-08-19 17:41:31	ead1c36571816c18f4c47af0d3bc323b4c7f28815602874206c6977b80c32a4e	exe	Heodo
2020-08-19 17:28:50	a07eb2624ed86199e8a3424f9dd9c58ee2860f90b28cf1511b1609291560d415	exe	Heodo
2020-08-19 17:27:22	180dc06b471e5091a493f01a19288ac63914a81180c6b75312ffbc80765f330a	exe	Heodo
2020-08-12 15:01:34	f151cfdbbde8f46d019da6ac426f4be999ced326e0d4cae59bb62595f32a78df	exe	Heodo
2020-08-07 08:25:34	5b4b763abaef859255adbe8fb159cb5887bb4f367cab127af23ef995b3525eb8	doc	Heodo
2020-07-31 12:43:58	6a0ae157161a401ce10b9193d319636f8d7c0d4a9c16581e01810d96e5f878e3	doc	Heodo
2020-07-31 12:22:12	f8c08709b04ec9e95d8f36c1b99b4ad75eb823d513d3f7dc020c3fc96ebfd770	doc	Heodo
2020-07-31 12:10:56	29d891e740b344f9ec63299342ad3d46a3f4841be720defaebea50963c9aff13	doc	Heodo
2020-07-31 11:35:10	33cc5ac87a9b8a4bceb717df74b6cf6b1162ff33a67dac529744e3f81c55636c	doc	Heodo
2020-07-31 11:10:08	98ee1381f134eaedefa2baef746295a547b2a4b7468ffbf5a9834e65a71c7c8e	doc	Heodo
2020-07-31 10:49:40	fc8260756d35c29ece5bf1f7e3841128d9a81a67341151568d6885a070cd82b6	doc	Heodo
2020-07-31 10:43:03	207019cb950ef5689f9c7bd7d37389262bcb5bab2c3303111eac0e2c754a390a	doc	Heodo
2020-07-29 11:07:27	36a1ca2f3377f134c5e98226cd7d7c5d9b4968d942d497de1900c6652213beac	exe	Heodo
2020-07-29 10:43:49	0d7a5390f4c26a85c974c89fc28dbf5e03659fb28b3b1f835082695cd9aa0120	exe	Heodo
2020-07-29 10:38:05	44e498248080e6f792dc8bc3fffda4d127c9ab62807ecdc85dbfbae83161847e	exe	Heodo