URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	4e87beed-34c0-467a-9142-a3fbcaa9f78f.s3.ap-south-1.amazonaws.com
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2021-06-19 04:53:03 UTC
Total malware sites :	2
Online malware sites :	0 (0%)
Offline Malware sites :	2 (100%)
A record(s) observed :	257

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2022-08-05 07:17:43	52.219.158.182	s3-r-w.ap-south-1.amazonaws.com	Not listed	AS16509 AMAZON-02	IN	yes
2021-08-03 11:51:08	52.219.158.46	s3-r-w.ap-south-1.amazonaws.com	Not listed	AS16509 AMAZON-02	IN	yes
2022-04-30 20:47:33	52.219.160.126	s3-r-w.ap-south-1.amazonaws.com	Not listed	AS16509 AMAZON-02	IN	yes
2022-05-15 23:26:10	52.219.160.202	s3-r-w.ap-south-1.amazonaws.com	Not listed	AS16509 AMAZON-02	IN	yes
2025-06-12 16:44:56	3.5.212.130	s3-r-w.ap-south-1.amazonaws.com	Not listed	AS16509 AMAZON-02	IN	no
2021-06-20 05:26:47	52.219.156.50	s3-r-w.ap-south-1.amazonaws.com	Not listed	AS16509 AMAZON-02	IN	no
2021-06-19 10:36:38	52.219.156.34	s3-r-w.ap-south-1.amazonaws.com	Not listed	AS16509 AMAZON-02	IN	no
2022-05-14 02:29:14	52.219.156.82	s3-r-w.ap-south-1.amazonaws.com	Not listed	AS16509 AMAZON-02	IN	no
2021-06-20 04:33:49	52.219.160.70	s3-r-w.ap-south-1.amazonaws.com	Not listed	AS16509 AMAZON-02	IN	no
2021-12-29 07:23:17	52.219.158.102	s3-r-w.ap-south-1.amazonaws.com	Not listed	AS16509 AMAZON-02	IN	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2021-06-19 06:35:16	http://4e87beed-34c0-467a-9142-a3fbcaa9f78f.s3....	Offline	32 ArkeiStealer exe	zbetcheckin
2021-06-19 04:53:06	http://4e87beed-34c0-467a-9142-a3fbcaa9f78f.s3....	Offline	32 ArkeiStealer exe RedLineStealer	zbetcheckin

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2021-06-21 04:35:52	77088c2f6f9178e0da504d14ff3687ce5dbd4972a0cd527b900657132e4666dc	exe	ArkeiStealer
2021-06-21 04:34:10	77088c2f6f9178e0da504d14ff3687ce5dbd4972a0cd527b900657132e4666dc	exe	ArkeiStealer
2021-06-20 14:09:29	1f12b68d377ad90cb6147accf69380acc0a0f6284c4871fc33827ad4086e9e2d	exe
2021-06-20 14:07:43	1f12b68d377ad90cb6147accf69380acc0a0f6284c4871fc33827ad4086e9e2d	exe
2021-06-20 13:55:43	16b2ad05ce4738164084f7074afbd8830f8996df8093f337140fe862913ca517	exe
2021-06-19 06:35:16	9217d926826128058e86a2a2bba020ea38062503648e320194b22d1ade0ffee9	exe	ArkeiStealer
2021-06-19 04:53:05	9217d926826128058e86a2a2bba020ea38062503648e320194b22d1ade0ffee9	exe	ArkeiStealer