URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry


Host: 103.204.79.115
Firstseen: 2025-08-17 07:39:04 UTC
Total malware sites: 27
Online malware sites: 0 (0%)
Offline malware sites: 27 (100%)

IP addresses


The table below shows all IP addresses observed for this particular host (in case the host is a domain name, all A records will be listed, including all historical ones). Please note that the output is limited to 10 entries.

Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active?
2025-08-17 07:39:13 | 103.204.79.115 | | Not listed | AS132839 POWERLINE-AS-AP | HK | yes

Malware URLs


The table below shows all malware URLs that are associated with this particular host.


The table below shows recent payloads delivered by this host.
