URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2025-04-29 07:48:10 | 199.59.243.228 | Not listed | AS16509 AMAZON-02 |  US | yes | |
| 2025-06-14 13:18:13 | 54.82.141.78 | ec2-54-82-141-78.compute-1.amazonaws.com | Not listed | AS14618 AMAZON-AES | US | no |
| 2025-06-14 13:18:13 | 107.20.199.112 | ec2-107-20-199-112.compute-1.amazonaws.com | Not listed | AS14618 AMAZON-AES | US | no |
| 2025-06-11 05:21:54 | 3.91.114.160 | ec2-3-91-114-160.compute-1.amazonaws.com | Not listed | AS16509 AMAZON-02 | US | no |
| 2025-06-08 03:31:33 | 52.20.202.168 | ec2-52-20-202-168.compute-1.amazonaws.com | Not listed | AS14618 AMAZON-AES | US | no |
| 2025-06-05 03:26:20 | 52.0.53.226 | ec2-52-0-53-226.compute-1.amazonaws.com | Not listed | AS16509 AMAZON-02 | US | no |
| 2025-06-05 03:26:20 | 3.213.33.192 | ec2-3-213-33-192.compute-1.amazonaws.com | Not listed | AS14618 AMAZON-AES | US | no |
| 2025-05-30 10:57:41 | 54.82.120.89 | ec2-54-82-120-89.compute-1.amazonaws.com | Not listed | AS16509 AMAZON-02 | US | no |
| 2025-05-30 10:57:41 | 52.0.95.112 | ec2-52-0-95-112.compute-1.amazonaws.com | Not listed | AS14618 AMAZON-AES | US | no |
| 2025-05-20 05:46:06 | 34.206.187.199 | ec2-34-206-187-199.compute-1.amazonaws.com | Not listed | AS16509 AMAZON-02 | US | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2021-03-22 12:46:10 | https://buenavista.co/zw7616jjd.zip | Offline | Dridex  |  stoerchl |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2021-03-23 06:53:07 | 61253883f2cbdebcdc0cd51556d98435a5966b1ecb02a3c52a1f083a466157d8 | dll | Dridex | |
| 2021-03-22 18:57:12 | 0528e47420092ceebddda93b66960bcbc35151a367ef20b6f5827e60c2522d98 | dll | Dridex | |
| 2021-03-22 17:24:20 | a5e8301572a3e2dc86d401f4fd4a9a9e8b00cba60114bed2e855142a87a9a507 | dll | Dridex | |
| 2021-03-22 16:06:04 | 44afb84253fe4c465c228e34064958ca11f5c9cc8c794ce8806ce54d6f0e1740 | dll | Dridex | |
| 2021-03-22 14:16:07 | a55a11e24ee9daab2faeaa19af61042a5febda35bd4693c63345893d2391a84a | dll | Dridex | |
| 2021-03-22 12:46:10 | 04aa3a1a3187d6945f82925ee45e97f043b9640653b2d653d966edb6f7326dc6 | dll | Dridex |