URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: b4ad7b79-534a-4e83-953e-c36da8cf27d9.s3.amazonaws.com
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Control D HaGeZi :Not blocked
Firstseen:2021-03-27 23:10:03 UTC
Total malware sites :1
A record(s) observed :1'899

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2025-10-13 05:33:25 3.5.29.148s3-1-w.amazonaws.comNot listedAS14618 AMAZON-AES- USyes
2021-03-30 08:03:46 52.217.193.153s3-1-w.amazonaws.comNot listedAS16509 AMAZON-02- USno
2025-09-09 14:11:16 3.5.19.149s3-1-w.amazonaws.comNot listedAS14618 AMAZON-AES- USno
2025-10-06 20:30:59 52.217.123.17s3-1-w.amazonaws.comNot listedAS16509 AMAZON-02- USno
2021-03-29 08:05:44 52.217.70.236s3-1-w.amazonaws.comNot listedAS16509 AMAZON-02- USno
2025-11-09 18:09:06 3.5.25.20s3-1-w.amazonaws.comNot listedAS14618 AMAZON-AES- USno
2021-10-03 16:56:23 52.216.154.68s3-1-w.amazonaws.comNot listedAS16509 AMAZON-02- USno
2025-06-29 15:25:58 3.5.13.147s3-w.us-east-1.amazonaws.comNot listedAS14618 AMAZON-AES- USno
2021-08-02 08:09:21 52.217.163.241s3-1-w.amazonaws.comNot listedAS16509 AMAZON-02- USno
2025-09-30 20:49:06 3.5.19.198s3-1-w.amazonaws.comNot listedAS14618 AMAZON-AES- USno

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2021-03-27 23:10:14http://b4ad7b79-534a-4e83-953e-c36da8cf27d9.s3....OfflineArkeiStealer ext CoinMiner exe RedLineStealer ext vxvault

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2021-04-02 08:48:33d8ebccaa0a34b6c581cace15c6ad6022846157e8009bf7f2e3091a41d7ed9df9exe CoinMiner
2021-04-02 07:55:17cf1a8304da78b6286a412d33ef3e0390949eb83e5b08ad63c006ed578d5d4c95exeArkeiStealer
2021-04-02 07:05:3502eb77ea2c8890e1ba5e28eb6801c569bfa3b6b91ab2ae5872afd56e1f6f79d1exe  
2021-04-02 05:14:1531e37198c284db923bb8121a083a815a30a2f75dd1e848180bb6cb8d0ed8bcaeexe  
2021-04-02 03:14:0842f29ab68c6c228fa20c64f229e36ad065f4a286f41fdc6662bdaa0e497365d6exe ArkeiStealer
2021-04-01 19:48:498cdf7704627451db43d6b9ad38fdce2a2beb6e753293c372a3d9a2bdfec9a49eexe  
2021-04-01 19:25:078942adb26cf84fbbc3aa251b4595820a9aae15f3b441fe3b38821d9b64fd720bexe ArkeiStealer
2021-04-01 19:04:04b080de9d83901deb31059c30cf5932d3462d8367ca1dfb39c7af21d4f4d5634bexe  
2021-04-01 18:14:2057c3bb69d117edb1c85ea697533ab3008152783de86a70089ba101843939e21cexe  
2021-04-01 15:59:402bd98f3bf72232c7ac9145bee59069b2b0fa896ec534d85813b8d5937424de6cexe  
2021-04-01 12:57:57e7e044a20f1ab6dd51fd0c67f7357c586ead8afe555abb91c5c627479c987363exe  
2021-04-01 12:47:47f3860dc9a3ab03f9bc1afbc3edf5b5a4b51c936655d74353650a67839f9c1387exe  
2021-04-01 11:15:23bfeae40a4d22f1861d9f6cab0200627e844c19bed6e7762834ceba233a56d1d1exe  
2021-04-01 09:10:3861f8c295e6db17d7aa94506c0d6e4b2bd044d92cb7c70deb7c62e69f4ba82532exe  
2021-04-01 05:51:544564033ca316b31e192f8dcfca9743756ebfe554c43e952924c4ef6581ef9e15exe 
2021-04-01 01:59:3351eb8c3d6671f8f1948b99d83257377a5c6d45ae77f9be746dddaa7d46bc5776exe  
2021-03-31 17:50:1148c1378f5e48ec365691bf3cf9c44f381e181c0e669df0169ff057c2cf8917f8exe 
2021-03-31 16:37:24ed0be85224a6824bb7e6db676298e445058ff9b4d40eebcb80bb14a922c268bdexe ArkeiStealer
2021-03-31 15:39:389ddbf00d95bb3ddf94074a69dd10d476b58a8997d2757f24169709f1872f4184exe ArkeiStealer
2021-03-31 13:19:197058480407962f738d861167ef77552022cda74ed86355c655d73b6c1b14bebfexe  
2021-03-31 12:36:25145e4591172a1d6dff59dd97da75df919f2ae8bab3b7b62a5d86b8aeec01d900exe ArkeiStealer
2021-03-31 10:42:45afcc10334ecc9cea01121a1cf2a0ce617ca5e41102c92a9788f695d369e4d11eexe RedLineStealer
2021-03-31 10:20:21b11bd18587058601cde1be46ec722f2ddc96fddd976f3a263e4d0358e8e08865exe ArkeiStealer
2021-03-31 06:41:12962174bdbf43d76a4dbd48b49ee3f773ccc42f20de6d4e40ac03025889696c9cexe  
2021-03-31 03:40:40b09777d6d0d1ab7ef6c68a4b94cd91a78e27d0be1fe7cf32426356d0098efc9aexe ArkeiStealer
2021-03-31 03:30:5905ec3ac0a307ffb3588bbc2f5c7600e8fbc2c12287e6a63d8d3d8bdb43979beeexe  
2021-03-30 15:47:468566be8fdb6c73afe986f3baa565cfe19f3c0a48ccbf45bd996c0ef2dbe5e9ebexe RedLineStealer
2021-03-30 09:25:0032e0122dad63952604a78254ac586a40f112ab911bc4fd47ac66e927343652aaexe RedLineStealer
2021-03-30 02:34:304655166604fe082c2b9e8bb5b7bff5c159bb9d643085d2872af239cdfda6e586exe RedLineStealer
2021-03-29 15:46:2748995c80c362c98c71d6fa1fae69fcfedddd5112b2f41937d25c91cc36ec5040exe  
2021-03-28 08:15:18eb2b82c14b81523edd762536c3dcd308624821dd6840e8cabdf94327d55fcbf9exeArkeiStealer
2021-03-28 02:58:184ae0156d1ccca584c5ed35708b150e0649cd470f5b192653a578c215e5118c08exeArkeiStealer
2021-03-27 23:10:1489d15d3703f9b4084dc3dd41693d5337d2a19fa40c3c87e1cb7a0997d021c4e1exeArkeiStealer