URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2025-11-15 02:54:54 | 13.248.169.48 | a904c694c05102f30.awsglobalaccelerator.com | Not listed | AS16509 AMAZON-02 |  US | yes |
| 2025-11-15 02:54:54 | 76.223.54.146 | a904c694c05102f30.awsglobalaccelerator.com | Not listed | AS16509 AMAZON-02 | US | yes |
| 2025-11-11 15:57:36 | 64.190.63.222 | Not listed | AS47846 SEDO-AS |  DE | no | |
| 2025-10-31 19:37:46 | 99.83.209.64 | a664a626a2c35329d.awsglobalaccelerator.com | Not listed | AS16509 AMAZON-02 | US | no |
| 2025-10-31 19:37:46 | 75.2.31.249 | a664a626a2c35329d.awsglobalaccelerator.com | Not listed | AS16509 AMAZON-02 | US | no |
| 2025-04-27 16:04:54 | 199.59.243.228 | Not listed | AS16509 AMAZON-02 | US | no | |
| 2021-06-04 14:47:13 | 100.25.55.3 | ec2-100-25-55-3.compute-1.amazonaws.com | Not listed | AS14618 AMAZON-AES | US | no |
| 2021-06-04 14:47:12 | 18.233.42.116 | ec2-18-233-42-116.compute-1.amazonaws.com | Not listed | AS14618 AMAZON-AES | US | no |
| 2021-05-29 12:23:00 | 3.211.15.76 | ec2-3-211-15-76.compute-1.amazonaws.com | Not listed | AS14618 AMAZON-AES | US | no |
| 2021-05-29 12:23:00 | 34.199.141.44 | ec2-34-199-141-44.compute-1.amazonaws.com | Not listed | AS14618 AMAZON-AES | US | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2020-10-14 18:52:03 | http://paymentsconsole.giving.agency/sys-cache/... | Offline | doc emotet  epoch2 |  unixronin |
| 2020-10-14 18:51:05 | https://paymentsconsole.giving.agency/sys-cache... | Offline | doc emotet epoch2 heodo | unixronin |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2020-10-14 21:34:58 | 89805057d1a481cf26a6efd0f74ed731cefd3ee7547ac6f529a6cce3223f6d07 | doc | Heodo | |
| 2020-10-14 21:24:21 | 9140235214871fd0aa4167f88aafd261126784ecf7c266b1f5678c46dc9be18d | doc | Heodo | |
| 2020-10-14 20:59:49 | acac416cece30666385ae079cb90ec34a542354582617767f179f71cfc03384b | doc | Heodo | |
| 2020-10-14 20:40:20 | 0d4936ae5e3283118f9e06740ac00c8fb354fd8ae5abe43d0ee6b3bdd1cc56e9 | doc | Heodo | |
| 2020-10-14 20:21:52 | b4cf90104e1c633a207abdb3339c42f5439bf889fc1c9129d7fbdf41ef337999 | doc | Heodo | |
| 2020-10-14 20:01:01 | dff04a292f708be6dc651f4164c2f711a836eeab00529793693a3f25518a0341 | doc | Heodo | |
| 2020-10-14 19:48:33 | f8682dff194df2aeec3387ee4554f0374cac8d776c24a84061dd127d67a86aef | doc | Heodo | |
| 2020-10-14 19:14:57 | 11b6433cc50996eaa60f48be87ac8627f7ef22e82111415e743daee3d32b613a | doc | Heodo | |
| 2020-10-14 18:51:05 | 1df6aef022d1cbf3066209efa10f084a0089988d6d488006d43ef433edf1cac3 | doc | Heodo |