URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	mysetup2.s3.ap-south-1.amazonaws.com
Domain registrar:	MarkMonitor
Domain registration date:	2005-08-18 02:10:45 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2022-09-05 11:54:03 UTC
Total malware sites :	2
Online malware sites :	0 (0%)
Offline Malware sites :	2 (100%)
A record(s) observed :	282

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2022-09-07 15:21:23	52.219.156.90	s3-r-w.ap-south-1.amazonaws.com	Not listed	AS16509 AMAZON-02	IN	yes
2022-09-08 21:51:34	52.219.64.127	s3-r-w.ap-south-1.amazonaws.com	Not listed	AS16509 AMAZON-02	IN	yes
2023-04-07 10:10:21	3.5.208.129	s3-r-w.ap-south-1.amazonaws.com	Not listed	AS16509 AMAZON-02	IN	no
2022-12-11 05:06:02	3.5.213.145	s3-r-w.ap-south-1.amazonaws.com	Not listed	AS16509 AMAZON-02	IN	no
2022-11-29 11:07:27	52.219.156.22	s3-r-w.ap-south-1.amazonaws.com	Not listed	AS16509 AMAZON-02	IN	no
2022-09-06 04:01:31	52.219.158.106	s3-r-w.ap-south-1.amazonaws.com	Not listed	AS16509 AMAZON-02	IN	no
2022-09-06 07:42:20	52.219.158.150	s3-r-w.ap-south-1.amazonaws.com	Not listed	AS16509 AMAZON-02	IN	no
2022-09-08 17:06:24	52.219.160.150	s3-r-w.ap-south-1.amazonaws.com	Not listed	AS16509 AMAZON-02	IN	no
2022-11-02 16:06:56	52.219.66.3	s3-r-w.ap-south-1.amazonaws.com	Not listed	AS16509 AMAZON-02	IN	no
2022-09-05 16:40:58	52.219.66.55	s3-r-w.ap-south-1.amazonaws.com	Not listed	AS16509 AMAZON-02	IN	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-09-06 05:50:06	https://mysetup2.s3.ap-south-1.amazonaws.com/UN...	Offline	dropby PrivateLoader	andretavare5
2022-09-05 11:54:06	https://mysetup2.s3.ap-south-1.amazonaws.com/2A...	Offline	dropby PrivateLoader	andretavare5

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2022-09-06 05:50:06	9b4f7d0163558187ebe95edd5cdfd86adf987e35327f37548bb6712ad3f7d782	exe
2022-09-05 11:54:06	7c57a653eca3197424fc352d42e80b183df11382a666e6842d328bfb5d64ca82	exe