URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	487e1cdf-d447-4909-8e2a-f38d77c6ca2c.s3.ap-south-1.amazonaws.com
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2021-06-12 06:26:07 UTC
Total malware sites :	3
Online malware sites :	0 (0%)
Offline Malware sites :	3 (100%)
A record(s) observed :	245

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-09-24 06:55:31	3.5.212.195	s3-r-w.ap-south-1.amazonaws.com	Not listed	AS16509 AMAZON-02	IN	yes
2022-05-06 03:19:31	52.219.156.122	s3-r-w.ap-south-1.amazonaws.com	Not listed	AS16509 AMAZON-02	IN	yes
2021-08-12 15:31:37	52.219.158.50	s3-r-w.ap-south-1.amazonaws.com	Not listed	AS16509 AMAZON-02	IN	yes
2022-08-03 08:01:40	52.219.160.174	s3-r-w.ap-south-1.amazonaws.com	Not listed	AS16509 AMAZON-02	IN	yes
2021-06-12 22:51:34	52.219.64.63	s3-r-w.ap-south-1.amazonaws.com	Not listed	AS16509 AMAZON-02	IN	no
2021-06-12 09:40:42	52.219.64.103	s3-r-w.ap-south-1.amazonaws.com	Not listed	AS16509 AMAZON-02	IN	no
2022-06-10 16:58:25	52.219.158.142	s3-r-w.ap-south-1.amazonaws.com	Not listed	AS16509 AMAZON-02	IN	no
2021-06-12 20:48:32	52.219.64.19	s3-r-w.ap-south-1.amazonaws.com	Not listed	AS16509 AMAZON-02	IN	no
2022-01-02 03:51:54	52.219.160.78	s3-r-w.ap-south-1.amazonaws.com	Not listed	AS16509 AMAZON-02	IN	no
2021-06-12 06:53:31	52.219.62.115	s3-r-w.ap-south-1.amazonaws.com	Not listed	AS16509 AMAZON-02	IN	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2021-06-12 07:07:06	http://487e1cdf-d447-4909-8e2a-f38d77c6ca2c.s3....	Offline	32 ArkeiStealer exe	zbetcheckin
2021-06-12 06:59:05	http://487e1cdf-d447-4909-8e2a-f38d77c6ca2c.s3....	Offline	32 ArkeiStealer exe	zbetcheckin
2021-06-12 06:26:11	http://487e1cdf-d447-4909-8e2a-f38d77c6ca2c.s3....	Offline	32 exe RedLineStealer	zbetcheckin

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2021-06-13 17:01:21	7965c44c092a8f24597ace1e54bbc4c10ac2b60ee9915059f35d1346969bca0a	exe	RedLineStealer
2021-06-13 12:02:09	739ea02b27b4ddb79ba40418fe09fbdd723b73ad8dabf5f2706f02e1248197dd	exe	ArkeiStealer
2021-06-13 11:53:39	5d1dbc990b7335f8fa4037067e6c12cec897fd795cbef08b579f7e8b8ed9e86e	exe	Adware.FileTour
2021-06-13 11:50:32	739ea02b27b4ddb79ba40418fe09fbdd723b73ad8dabf5f2706f02e1248197dd	exe	ArkeiStealer
2021-06-12 07:07:05	24e73e485857368cf7ec4e1b44b5d9cf86a16fbb8eafd89626b47703256db22d	exe	Adware.FileTour
2021-06-12 06:59:05	24e73e485857368cf7ec4e1b44b5d9cf86a16fbb8eafd89626b47703256db22d	exe	Adware.FileTour
2021-06-12 06:26:11	531511e95f85e5fd8614c28ddfd4fd487086ebd3f656b6214419876ff1ad3be4	exe	RedLineStealer