URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
IP addresses
The table below shows all IP addresses observed for this particular host (if the host is a domain name, all A records are listed, including historical ones). Please note that the output is limited to 10 entries.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2025-04-28 04:24:17 | 15.197.148.33 | a2aa9ff50de748dbe.awsglobalaccelerator.com | Not listed | AS16509 AMAZON-02 | US | yes |
| 2025-04-28 04:24:17 | 3.33.130.190 | a2aa9ff50de748dbe.awsglobalaccelerator.com | Not listed | AS16509 AMAZON-02 | US | yes |
| 2021-06-03 03:19:31 | 52.84.221.111 | server-52-84-221-111.fco50.r.cloudfront.net | Not listed | AS16509 AMAZON-02 | US | no |
| 2021-06-03 03:19:29 | 52.84.221.32 | server-52-84-221-32.fco50.r.cloudfront.net | Not listed | AS16509 AMAZON-02 | US | no |
| 2021-06-03 03:19:30 | 52.84.221.55 | server-52-84-221-55.fco50.r.cloudfront.net | Not listed | AS16509 AMAZON-02 | US | no |
| 2021-06-03 03:19:32 | 52.84.221.99 | server-52-84-221-99.fco50.r.cloudfront.net | Not listed | AS16509 AMAZON-02 | US | no |
| 2021-04-16 13:48:54 | 13.226.155.106 | server-13-226-155-106.dus51.r.cloudfront.net | Not listed | AS16509 AMAZON-02 | US | no |
| 2021-04-16 13:48:54 | 13.226.155.122 | server-13-226-155-122.dus51.r.cloudfront.net | Not listed | AS16509 AMAZON-02 | US | no |
| 2021-04-16 13:48:54 | 13.226.155.3 | server-13-226-155-3.dus51.r.cloudfront.net | Not listed | AS16509 AMAZON-02 | US | no |
| 2021-04-16 13:48:54 | 13.226.155.76 | server-13-226-155-76.dus51.r.cloudfront.net | Not listed | AS16509 AMAZON-02 | US | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2020-10-29 13:35:05 | https://www.d1zi.com/wp-content/ai1wm-backups/1... | Offline | doc emotet | |
The table below shows recent payloads delivered by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2020-10-29 17:16:42 | c0ed3a0650c71fa45b196ae3af361c4b91d38f00db69b912eaf14f2aeb543aff | doc | Heodo | |
| 2020-10-29 16:50:40 | 160b0b89551ebfd8cb3f4274dc5f8cdb203642886e8f1e95b493227e4b34ace7 | doc | Heodo | |
| 2020-10-29 16:38:10 | 541fe3cb96d86e7e7acac38913e1f12a0006bb4e07269700b8878279ecb8df5c | doc | Heodo | |
| 2020-10-29 15:31:52 | 75df04fe2bbfe95af6c2ff3ad6beb372645597b0350f6cc16f995a09e27da829 | doc | Heodo | |
| 2020-10-29 15:06:00 | 62a00d40cc12aa508ac276663bcf8a77077e394977dd3682be09139582ac29c2 | doc | Heodo | |
| 2020-10-29 14:37:35 | cd3fe863b543b7cff0caa09fe57459ed428b05158a34dd748438f0f7a671fabb | doc | Heodo | |
| 2020-10-29 14:09:45 | dd1f36356c3a35bd4fa5c58dbc9798b01714e04d123539649c3932a8164288b8 | doc | Heodo | |
| 2020-10-29 13:38:57 | 405fadefb4061d6af8c5857c120bb843c94b11edd508facc87ddc8c95c45081a | doc | Heodo | |
| 2020-10-29 13:35:05 | 3a2e90fab180e4802d87707829a02157b25a93f71da8a2a62796b59483d315c7 | doc | Heodo | |