URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	ctfilms.com
Domain registrar:	Tucows
Domain registration date:	2000-03-19 14:19:03 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2022-03-24 21:19:03 UTC
Total malware sites :	1
A record(s) observed :	7

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2023-05-03 02:00:06	13.248.169.48	a904c694c05102f30.awsglobalaccelerator.com	Not listed	AS16509 AMAZON-02	US	yes
2023-05-03 02:00:06	76.223.54.146	a904c694c05102f30.awsglobalaccelerator.com	Not listed	AS16509 AMAZON-02	US	yes
2025-09-06 11:33:27	166.117.110.61		Not listed	AS16509 AMAZON-02	US	no
2025-09-06 11:33:27	99.83.161.153	a2b7bf3398455f345.awsglobalaccelerator.com	Not listed	AS16509 AMAZON-02	US	no
2023-03-25 03:37:51	91.195.240.117		Not listed	AS47846 SEDO-AS	DE	no
2022-03-24 21:19:04	149.255.62.8	cloud205.unlimitedwebhosting.co.uk	Not listed	AS34931 AWARESOFT	GB	no
2023-05-06 01:14:43	3.64.163.50	ec2-3-64-163-50.eu-central-1.compute.amazonaws.com	Not listed	AS16509 AMAZON-02	DE	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-03-24 21:19:04	http://ctfilms.com/ks/2ygJuGV0/	Offline	dll emotet epoch4 heodo	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2022-03-25 09:01:20	27cb42499a8cbcce160ea270584b40555821660443e5f3ec46d8389139012007	dll		Heodo
2022-03-25 08:06:20	64a487871f2a3fde8ebcca640bfb0587a08f812e39992db67da84202ef14cf80	dll		Heodo
2022-03-25 07:32:17	bb1877d5efa208b0294264da6f7d58ee6c6034f9341b84f5129379892aea0c9f	dll		Heodo
2022-03-25 07:26:26	96b89e7043d03ec6c64d90f7b53af3ecfea1bfaa2778560be49c8c32bf21f97e	dll		Heodo
2022-03-25 06:27:14	1ca8315474e5dba8b43b5382bd9e07326d9fc2a341882fa02ea4c88265fc62f5	dll		Heodo
2022-03-25 06:04:46	f652217e10e3fc5386f45c470a52a3f9bfbc81ca414ee367e341b5fee31dc3ee	dll		Heodo
2022-03-25 05:20:13	6478c60b25711aab93883e65b50102a5ec90a8bcf603837cb66705fdad028449	dll		Heodo
2022-03-25 04:22:21	ddccf6d41262c84d26d72d253f232cde1f409d93a1e350d35b007dc4189743fe	dll		Heodo
2022-03-25 03:35:11	910abc0a4905726b47eb849395044808cf26f8e498c7c1165a0984e98c346312	dll		Heodo
2022-03-25 02:40:22	0b20dbeebc479142143e56f1c0e7973fa5266de794b10b758b703e6d53b7ca7d	dll		Heodo
2022-03-25 02:18:27	0d5f52b4fee943f9ef848e9835a3ea17a06a95f3cd8156ccfb31f1a45794d562	dll		Heodo
2022-03-25 01:58:30	334bbf8c41a58d52126f59ea7f0461845c847498ef75f379dec50444241e16b5	dll		Heodo
2022-03-25 00:40:26	006fbbd5d30db1b145ddd3e756c2bd7af7e0a9e3b1f9c796c6888de5f3113678	dll		Heodo
2022-03-25 00:25:47	46845d0c1fee490e32ed4e5d1ba5f9f99ab88ddcc7c83888b4932ac65eb16dd1	dll		Heodo
2022-03-24 23:42:20	22b7eb665d47c061de1854ef2615a7f6cba6e3c4838474a805a5bafa7740a459	dll		Heodo
2022-03-24 23:12:55	6d2fffd32bd0897c391d3a9b5baf6eac7d97ad9f7cc86bc540a0d89085f4f272	dll		Heodo
2022-03-24 22:49:31	df31f5bcdb93c150d90433504ee55344caf97d63d39cb4684ca7038d23b5d8c4	dll		Heodo
2022-03-24 21:41:40	98eda8c927b248b68196a97ec97789c3e705551b5335429f6765a747de174134	dll		Heodo
2022-03-24 21:19:04	c12a21064320369143cfea63e2f20a13091d13f2d0f3eda63260d293fc438e05	dll		Heodo