URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	3b39e40c-13d6-4a1f-a716-d0986744cc54.s3.ap-south-1.amazonaws.com
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2021-05-22 06:16:03 UTC
Total malware sites :	3
Online malware sites :	0 (0%)
Offline Malware sites :	3 (100%)
A record(s) observed :	248

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2022-04-22 10:17:33	52.219.158.186	s3-r-w.ap-south-1.amazonaws.com	Not listed	AS16509 AMAZON-02	IN	yes
2021-08-29 06:26:11	52.219.158.38	s3-r-w.ap-south-1.amazonaws.com	Not listed	AS16509 AMAZON-02	IN	yes
2022-02-26 11:54:36	52.219.156.98	s3-r-w.ap-south-1.amazonaws.com	Not listed	AS16509 AMAZON-02	IN	no
2022-05-30 18:50:10	52.219.158.174	s3-r-w.ap-south-1.amazonaws.com	Not listed	AS16509 AMAZON-02	IN	no
2022-02-21 03:37:46	52.219.158.110	s3-r-w.ap-south-1.amazonaws.com	Not listed	AS16509 AMAZON-02	IN	no
2022-02-18 08:29:28	52.219.156.78	s3-r-w.ap-south-1.amazonaws.com	Not listed	AS16509 AMAZON-02	IN	no
2022-07-04 07:59:30	52.219.160.154	s3-r-w.ap-south-1.amazonaws.com	Not listed	AS16509 AMAZON-02	IN	no
2021-05-23 17:28:12	52.219.66.123	s3-r-w.ap-south-1.amazonaws.com	Not listed	AS16509 AMAZON-02	IN	no
2022-01-02 18:02:22	52.219.158.98	s3-r-w.ap-south-1.amazonaws.com	Not listed	AS16509 AMAZON-02	IN	no
2022-05-04 04:05:19	52.219.156.190	s3-r-w.ap-south-1.amazonaws.com	Not listed	AS16509 AMAZON-02	IN	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2021-05-22 07:02:14	http://3b39e40c-13d6-4a1f-a716-d0986744cc54.s3....	Offline	ArkeiStealer exe	zbetcheckin
2021-05-22 07:02:08	http://3b39e40c-13d6-4a1f-a716-d0986744cc54.s3....	Offline	ArkeiStealer exe	zbetcheckin
2021-05-22 06:16:09	http://3b39e40c-13d6-4a1f-a716-d0986744cc54.s3....	Offline	ArkeiStealer exe	zbetcheckin

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2021-05-25 16:16:01	3c2fa1d04daaea31991c29bb4118c3d146a50815a033ea5ae325c3171ebdf713	exe	ArkeiStealer
2021-05-25 07:28:12	da9abc7cc54d7aeb2fd176f838d807d495615f68b25068abd939c7595ffcbe4a	exe
2021-05-25 07:15:50	da9abc7cc54d7aeb2fd176f838d807d495615f68b25068abd939c7595ffcbe4a	exe
2021-05-24 13:19:31	143f80b873592404bae9c6d3fed4467bee4795a9eebd510b6a6285dda7a2432d	exe	ArkeiStealer
2021-05-24 13:14:36	1e88a169aec46c8f54680f4d4d7ecec36dc0482ce5b067bbd901f3f8fc5afe2c	exe
2021-05-24 13:09:44	1e88a169aec46c8f54680f4d4d7ecec36dc0482ce5b067bbd901f3f8fc5afe2c	exe
2021-05-24 09:27:53	a439026408378e73e65afe890e517d9fd78ed55739840cd0eec1e0d83056dd33	exe
2021-05-24 09:24:54	a439026408378e73e65afe890e517d9fd78ed55739840cd0eec1e0d83056dd33	exe
2021-05-24 09:16:26	ff4a3e44fcd1cfbbf10ac318aca7559e0c20d0563e11e8a98e21e09e97ca68d3	exe	ArkeiStealer
2021-05-22 20:30:57	21415b4bd92f908e375ef73e62b8539724488e9372c6df980d91c01e47ebfd15	exe	ArkeiStealer
2021-05-22 20:26:00	59cc6a413c0ff4adeb9f693c418301685d7d3310939bc3ec19750da9a33a832b	exe	ArkeiStealer
2021-05-22 20:17:06	59cc6a413c0ff4adeb9f693c418301685d7d3310939bc3ec19750da9a33a832b	exe	ArkeiStealer
2021-05-22 10:27:35	0b5e9e3962f8982d50db96eff153a540939b4b417e33e5ec3b3d5ce2f56c5430	exe
2021-05-22 07:02:14	f91c7c2e15b7343d97bc5c3961f43ebd659440102a4a9c3359d7a9e6e0aef9d3	exe	ArkeiStealer
2021-05-22 07:02:06	cb3c387163302fbf8ddb4c13e9d786c1070a4185a74bdd3faebd1649d02b2b30	exe	ArkeiStealer
2021-05-22 06:16:08	f91c7c2e15b7343d97bc5c3961f43ebd659440102a4a9c3359d7a9e6e0aef9d3	exe	ArkeiStealer