diff --git a/policy/detectors/http-MHR.bro b/policy/detectors/http-MHR.bro
index ed0484b011..8f3f5cc00c 100644
--- a/policy/detectors/http-MHR.bro
+++ b/policy/detectors/http-MHR.bro
@@ -18,14 +18,13 @@ event log_http(rec: HTTP::Info)
 {
 if ( rec?$md5 )
 {
- local url = HTTP::build_url(rec);
 local hash_domain = fmt("%s.malware.hash.cymru.com", rec$md5);
-
 when ( local addrs = lookup_hostname(hash_domain) )
 {
 # 127.0.0.2 indicates that the md5 sum was found in the MHR.
 if ( 127.0.0.2 in addrs )
 {
+ local url = HTTP::build_url_http(rec);
 local message = fmt("%s %s %s", rec$id$orig_h, rec$md5, url);
 NOTICE([$note=Malware_Hash_Registry_Match, $msg=message, $id=rec$id, $URL=url]);
diff --git a/policy/protocols/http/detect-webapps.bro b/policy/protocols/http/detect-webapps.bro
index faca849721..c11cd5bbd8 100644
--- a/policy/protocols/http/detect-webapps.bro
+++ b/policy/protocols/http/detect-webapps.bro
@@ -26,7 +26,7 @@ event signature_match(state: signature_state, msg: string, data: string) &priori
 local c = state$conn;
 local si = Software::parse(msg, c$id$resp_h, WEB_APPLICATION);
- si$url = build_url(c$http);
+ si$url = build_url_http(c$http);
 if ( c$id$resp_h in Software::tracked && si$name in Software::tracked[c$id$resp_h] )
 {
diff --git a/policy/protocols/http/file-hash.bro b/policy/protocols/http/file-hash.bro
index cfc13d39c6..b32bba65e3 100644
--- a/policy/protocols/http/file-hash.bro
+++ b/policy/protocols/http/file-hash.bro
@@ -72,7 +72,7 @@ event http_message_done(c: connection, is_orig: bool, stat: http_message_stat) &
 if ( c$http$calculating_md5 )
 {
- local url = build_url(c$http);
+ local url = build_url_http(c$http);
 c$http$calculating_md5 = F;
 c$http$md5 = md5_hash_finish(c$id);
diff --git a/policy/protocols/http/file-ident.bro b/policy/protocols/http/file-ident.bro
index 828fff24c3..421b482085 100644
--- a/policy/protocols/http/file-ident.bro
+++ b/policy/protocols/http/file-ident.bro
@@ -58,7 +58,7 @@ event signature_match(state: signature_state, msg: string, data: string) &priori
 if ( msg in mime_types_extensions && c$http?$uri && mime_types_extensions[msg] !in c$http$uri )
 {
- local url = build_url(c$http);
+ local url = build_url_http(c$http);
 local message = fmt("%s %s %s", msg, c$http$method, url);
 NOTICE([$note=IncorrectFileType, $msg=message,
diff --git a/policy/protocols/http/utils.bro b/policy/protocols/http/utils.bro
index 78512d9169..a8eb680ede 100644
--- a/policy/protocols/http/utils.bro
+++ b/policy/protocols/http/utils.bro
@@ -7,6 +7,7 @@ module HTTP;
 export {
 global extract_keys: function(data: string, kv_splitter: pattern): string_vec;
 global build_url: function(h: Info): string;
+ global build_url_http: function(h: Info): string;
 }
@@ -30,5 +31,10 @@ function build_url(h: Info): string
 local host = h?$host ? h$host : fmt("%s", h$id$resp_h);
 if ( h$id$resp_p != 80/tcp )
 host = fmt("%s:%s", host, h$id$resp_p);
- return fmt("http://%s%s", host, uri);
+ return fmt("%s%s", host, uri);
+ }
+
+function build_url_http(h: Info): string
+ {
+ return fmt("http://%s", build_url);
 }
\ No newline at end of file
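Review bot: In the `export` block of utils.bro, `build_url` keeps its exported name while the later hunk in the same file changes it to return host and URI without the `http://` prefix, so any caller not updated by this commit silently gets a different string in its logs and notices. The two declarations carry no comment telling them apart; I would add `## Returns host[:port] followed by the URI, without a scheme.` above `build_url` and `## Returns the build_url value prefixed with "http://".` above `build_url_http`. Scripts outside this diff that call `HTTP::build_url` are not visible here and should be checked for reliance on the old scheme-prefixed value.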
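Review bot: The new `build_url_http` in utils.bro passes the function `build_url` itself to `fmt` instead of calling it with `h`, so the `%s` is filled with the function value rather than a URL; the line should read `return fmt("http://%s", build_url(h));`. Every call site switched in this commit (http-MHR.bro, detect-webapps.bro, file-hash.bro, file-ident.bro) takes its URL from this function. As written, the `Malware_Hash_Registry_Match` and `IncorrectFileType` notices and `si$url` would presumably carry a value an analyst cannot pivot on. The body of `build_url` begins above this hunk, so the definition of `uri` is not visible here.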