URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	botfusion1-8f4913f37609.herokuapp.com
Domain registrar:	MarkMonitor
Domain registration date:	2010-09-19 05:55:31 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2023-10-30 07:01:04 UTC
Total malware sites :	1
A record(s) observed :	30

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2023-11-02 23:21:37	54.83.6.65	ec2-54-83-6-65.compute-1.amazonaws.com	Not listed	AS16509 AMAZON-02	US	yes
2023-11-02 23:21:37	3.210.192.5	ec2-3-210-192-5.compute-1.amazonaws.com	Not listed	AS14618 AMAZON-AES	US	yes
2023-11-02 23:21:37	54.146.248.82	ec2-54-146-248-82.compute-1.amazonaws.com	Not listed	AS14618 AMAZON-AES	US	yes
2023-11-02 23:21:37	3.229.186.102	ec2-3-229-186-102.compute-1.amazonaws.com	Not listed	AS16509 AMAZON-02	US	yes
2023-11-03 00:03:30	54.243.129.215	ec2-54-243-129-215.compute-1.amazonaws.com	Not listed	AS14618 AMAZON-AES	US	no
2023-11-03 00:03:30	54.224.34.30	ec2-54-224-34-30.compute-1.amazonaws.com	Not listed	AS16509 AMAZON-02	US	no
2023-11-03 00:03:30	54.208.186.182	ec2-54-208-186-182.compute-1.amazonaws.com	Not listed	AS14618 AMAZON-AES	US	no
2023-11-03 00:03:30	34.201.81.34	ec2-34-201-81-34.compute-1.amazonaws.com	Not listed	AS16509 AMAZON-02	US	no
2023-11-03 02:18:12	54.78.134.111	ec2-54-78-134-111.eu-west-1.compute.amazonaws.com	Not listed	AS16509 AMAZON-02	IE	no
2023-11-03 02:18:12	54.228.42.199	ec2-54-228-42-199.eu-west-1.compute.amazonaws.com	Not listed	AS16509 AMAZON-02	IE	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2023-10-30 07:01:33	https://botfusion1-8f4913f37609.herokuapp.com/3...	Offline	exe Sliver	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2023-11-02 15:48:08	b9b87cc4954c4644aaf4716e092f38fb008e37bcc781387656bf1f293d2919fe	exe
2023-11-01 16:52:50	9f371f77efc1b636dc2b85681173ab66edb75287367115987d6350103e8c33c6	exe
2023-11-01 12:18:12	5e7177909f71ab7d217cf0a6ba52328d0a0ad3be543dac9e050742995c8b8d17	exe
2023-10-30 22:57:55	5da05458a8550d936109f7f15dd3e6d2a4699977a46c4bf51f3cbe19e5b6ebe9	exe
2023-10-30 07:01:33	a681cf93554fb104eab53ace13b6c18c8a3bfd49774fe467b8bf18b1510405da	exe		Sliver