URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-04-27 11:26:11	15.197.148.33	a2aa9ff50de748dbe.awsglobalaccelerator.com	Not listed	AS16509 AMAZON-02	US	yes
2025-04-27 11:26:11	3.33.130.190	a2aa9ff50de748dbe.awsglobalaccelerator.com	Not listed	AS16509 AMAZON-02	US	yes
2020-07-20 07:01:06	23.236.62.147	147.62.236.23.bc.googleusercontent.com	Not listed	AS396982 GOOGLE-CLOUD-PLATFORM	US	no
2020-07-15 02:24:32	34.102.136.180	180.136.102.34.bc.googleusercontent.com	Not listed	AS396982 GOOGLE-CLOUD-PLATFORM	US	no
2019-11-03 21:01:29	23.135.144.210	23.135.144.210.static.penseweb.com	Not listed	AS398115 NETLINUX-01	CA	no
2019-10-22 16:28:08	24.122.77.23		Not listed	AS11290 CC-3272	CA	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2019-10-22 16:28:08	http://lecafedesartistes.com/accueil/metor/Tone...	Offline	CAN Gozi	Anonymous

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2020-01-13 11:27:37	a22ff00402fff5b19edeae2519df7e21e6d7628b64bb0885d0160859ecea889c	exe
2019-11-28 10:21:15	5bc36b1bd1e65a9052c2ee080cae7e8e3b028c9524cee9b060e5831d0c24a3fb	exe
2019-11-20 06:46:17	abdbfd01c5ccd02ab702b126db14e21ccf3c7904263c020cc313714b1d63cef5	exe
2019-11-19 07:27:21	01bacedbe3764f943ef93d1cbe9048805e5ea4cd798abe10a717082b1adece29	exe
2019-10-22 16:28:07	3c1ce75269219a15d338a103c5e5baf8629438d062474a7c11e3792fdcabdf06	exe