URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	massage2u.co
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2021-03-22 14:57:19 UTC
Total malware sites :	1
A record(s) observed :	13

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2021-09-30 11:42:33	52.45.169.12	ec2-52-45-169-12.compute-1.amazonaws.com	Not listed	AS16509 AMAZON-02	US	no
2021-09-30 11:42:34	54.224.163.221	ec2-54-224-163-221.compute-1.amazonaws.com	Not listed	AS16509 AMAZON-02	US	no
2021-11-19 05:11:21	52.1.138.58	ec2-52-1-138-58.compute-1.amazonaws.com	Not listed	AS14618 AMAZON-AES	US	no
2021-11-19 05:11:21	52.86.156.130	ec2-52-86-156-130.compute-1.amazonaws.com	Not listed	AS16509 AMAZON-02	US	no
2021-03-22 14:57:22	104.234.223.62		Not listed	AS30236 CRONOMAGIC-1	CA	no
2021-11-02 18:00:26	18.211.58.199	ec2-18-211-58-199.compute-1.amazonaws.com	Not listed	AS14618 AMAZON-AES	US	no
2021-11-01 10:34:40	3.208.220.71	ec2-3-208-220-71.compute-1.amazonaws.com	Not listed	AS16509 AMAZON-02	US	no
2021-10-31 03:34:14	34.193.165.77	ec2-34-193-165-77.compute-1.amazonaws.com	Not listed	AS16509 AMAZON-02	US	no
2021-11-01 10:34:40	34.193.82.97	ec2-34-193-82-97.compute-1.amazonaws.com	Not listed	AS14618 AMAZON-AES	US	no
2021-10-31 03:34:14	34.199.146.164	ec2-34-199-146-164.compute-1.amazonaws.com	Not listed	AS16509 AMAZON-02	US	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2021-03-22 14:57:22	https://massage2u.co/aetw2e3vd.rar	Offline	Dridex	sugimu_sec

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2021-03-22 18:56:39	0fc859cdbabed7b248622618449f5876e9f1808d9fd547fd42f60a0a52e06618	dll	Dridex
2021-03-22 17:33:42	9a466e559e5141ea8ef4a9a1194746b7c8921c63bcd1d3b910d75e6388619eb8	dll	Dridex
2021-03-22 16:06:47	41a3e4f6654ed1fd68fe102fa176d1ec47fb5cc263daf661443ac34dcce3cab0	dll	Dridex
2021-03-22 14:57:22	38cea6b8da276da415ba1f4127eb6db81f914e27335da458a540cd2db671886f	dll	Dridex