URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry


Host: chicagostation.com
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Control D HaGeZi: Not blocked
Firstseen: 2020-08-12 23:37:03 UTC
Total malware sites: 1
A record(s) observed: 9

IP addresses


The table below shows all IP addresses observed for this particular host (in case the host is a domain name, all A records will be listed, including all historical ones). Please note that the output is limited to 10 entries.

| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2025-04-27 12:13:08 | 13.248.169.48 | a904c694c05102f30.awsglobalaccelerator.com | Not listed | AS16509 AMAZON-02 | US | yes |
| 2025-04-27 12:13:08 | 76.223.54.146 | a904c694c05102f30.awsglobalaccelerator.com | Not listed | AS16509 AMAZON-02 | US | yes |
| 2025-09-18 07:49:38 | 13.248.213.45 | a67c48129651a0940.awsglobalaccelerator.com | Not listed | AS16509 AMAZON-02 | US | no |
| 2025-09-18 07:49:38 | 76.223.67.189 | a67c48129651a0940.awsglobalaccelerator.com | Not listed | AS16509 AMAZON-02 | US | no |
| 2025-09-10 09:07:04 | 166.117.110.61 | | Not listed | AS16509 AMAZON-02 | US | no |
| 2025-09-10 09:07:04 | 99.83.161.153 | a2b7bf3398455f345.awsglobalaccelerator.com | Not listed | AS16509 AMAZON-02 | US | no |
| 2025-08-21 00:06:27 | 44.232.173.249 | ec2-44-232-173-249.us-west-2.compute.amazonaws.com | Not listed | AS16509 AMAZON-02 | US | no |
| 2025-08-21 00:06:27 | 52.40.42.113 | ec2-52-40-42-113.us-west-2.compute.amazonaws.com | Not listed | AS16509 AMAZON-02 | US | no |
| 2020-08-12 23:37:05 | 143.95.42.191 | kefka.asoshared.com | Not listed | AS46606 UNIFIEDLAYER-AS-1 | US | no |

Malware URLs


The table below shows all malware URLs that are associated with this particular host.

| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2020-08-12 23:37:05 | http://chicagostation.com/chicago/FyNv/ | Offline | doc, emotet, epoch3, heodo | Cryptolaemus1 |

The table below shows recent payloads delivered by this host.
