URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | topphanmem.net |
|---|---|
| Spamhaus DBL : | Not blocked |
| SURBL : | Not blocked |
| Quad9 : | Blocked |
| AdGuard : | Blocked |
| Cloudflare : | Not blocked |
| ProtonDNS : | Not blocked |
| OpenBLD : | Blocked |
| DNS4EU : | Not blocked |
| Control D HaGeZi : | Not blocked |
| Firstseen: | 2019-06-17 10:47:08 UTC |
| Total malware sites : | 1 |
| A record(s) observed : | 6 |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2025-05-02 12:32:43 | 13.248.169.48 | a904c694c05102f30.awsglobalaccelerator.com | Not listed | AS16509 AMAZON-02 |  US | yes |
| 2025-05-02 12:32:43 | 76.223.54.146 | a904c694c05102f30.awsglobalaccelerator.com | Not listed | AS16509 AMAZON-02 | US | yes |
| 2025-09-06 15:16:59 | 166.117.110.61 | Not listed | AS16509 AMAZON-02 | US | no | |
| 2025-09-06 15:16:59 | 99.83.161.153 | a2b7bf3398455f345.awsglobalaccelerator.com | Not listed | AS16509 AMAZON-02 | US | no |
| 2025-06-29 10:56:07 | 199.59.243.228 | Not listed | AS16509 AMAZON-02 | US | no | |
| 2019-06-17 10:47:15 | 103.28.39.4 | share-linux05u.nhanhoa.com | Not listed | AS131353 NHANHOA-AS-VN |  VN | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2019-06-17 10:47:15 | http://topphanmem.net/wp-content/themes/flatsom... | Offline | exe Troldesh  |  zbetcheckin |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2019-06-20 02:11:49 | 4fe2304f1f28e9ce6859b67167a279151ef86e4772251b56768bdae99456ad42 | exe | Ransomware.Troldesh | |
| 2019-06-18 22:16:46 | fe16265680e080f79ae49f0aad84de61dbd3ec4c530484b5f21cb548cbe477d3 | exe | ||
| 2019-06-18 11:31:40 | f7f5e87806b1b86d6883926fff51e0ea761d52d2735d1ac7ebdcc8403c94a178 | exe | Ransomware.Troldesh | |
| 2019-06-17 22:06:36 | 0be74adb2c0a53a10270773594bd2f25bdc60bb2a31a9fa8710e15bafb2b5c6a | exe | Ransomware.Troldesh | |
| 2019-06-17 10:54:13 | bf3f2ecce628ce2d0129721d64b101992c485a641562fb67630b072d15d48bf6 | exe | Ransomware.Troldesh | |
| 2019-06-17 10:47:13 | fffacc0820694c1796f7bf9c0f14c946993ac09ff6e52ed96da53c0de106924a | exe | Ransomware.Troldesh |