URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	cenaf.com.co
Domain registrar:	Tucows
Domain registration date:	2019-04-10 15:31:33 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2022-03-16 22:42:07 UTC
Total malware sites :	1
A record(s) observed :	39

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-04-27 11:44:42	162.241.61.153	162-241-61-153.unifiedlayer.com	Not listed	AS19871 NETWORK-SOLUTIONS-HOSTING	US	yes
2025-05-28 12:28:59	54.82.120.89	ec2-54-82-120-89.compute-1.amazonaws.com	Not listed	AS16509 AMAZON-02	US	no
2025-05-28 12:28:59	52.0.95.112	ec2-52-0-95-112.compute-1.amazonaws.com	Not listed	AS14618 AMAZON-AES	US	no
2023-06-11 09:32:39	52.6.59.118	ec2-52-6-59-118.compute-1.amazonaws.com	Not listed	AS16509 AMAZON-02	US	no
2023-06-21 23:41:47	3.216.106.95	ec2-3-216-106-95.compute-1.amazonaws.com	Not listed	AS16509 AMAZON-02	US	no
2023-06-20 16:59:01	54.87.127.232	ec2-54-87-127-232.compute-1.amazonaws.com	Not listed	AS14618 AMAZON-AES	US	no
2023-06-21 23:41:47	3.218.34.174	ec2-3-218-34-174.compute-1.amazonaws.com	Not listed	AS14618 AMAZON-AES	US	no
2023-06-23 04:15:10	18.210.44.90	ec2-18-210-44-90.compute-1.amazonaws.com	Not listed	AS14618 AMAZON-AES	US	no
2023-06-23 04:15:10	34.192.242.51	ec2-34-192-242-51.compute-1.amazonaws.com	Not listed	AS16509 AMAZON-02	US	no
2023-06-20 16:59:01	18.206.111.18	ec2-18-206-111-18.compute-1.amazonaws.com	Not listed	AS14618 AMAZON-AES	US	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-03-16 22:42:11	http://cenaf.com.co/error/TpewL/	Offline	dll emotet epoch4 heodo	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2022-03-17 03:01:05	12c8cc192f8d17703146372481bb56aacfd98f0fd7e9eacfcc01931438f0efca	dll		Heodo
2022-03-17 00:01:54	a6276be3b2976a066cad14cacfd1264e75e7b1f99e0a588f4415efb55b80d6b0	dll		Heodo
2022-03-16 23:20:46	24d8492b94606931d5a0926d9c795619673f29b5049831e3d03802e97d763d2b	dll		Heodo
2022-03-16 23:14:54	08e9124ad2513d7fe5782ff5198cc334b4312709fd810fe9909b3f7d01ad41e7	dll		Heodo
2022-03-16 22:42:10	820229d4e7dfbb984ff61d72d63b00266b2fe34258c83a79ec71b019d1dbe83a	dll		Heodo