URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | 124.223.105.161 |
|---|---|
| Firstseen: | 2025-06-13 12:32:04 UTC |
| Total malware sites : | 1 |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2025-06-13 12:32:08 | 124.223.105.161 | Not listed | AS45090 TENCENT-NET-AP |  CN | yes |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2025-06-13 12:32:08 | http://124.223.105.161:8902/files/data/drss/drb... | Online | exe |  Riordz |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2025-08-20 14:30:37 | bf7ab6e8e9dc2013c179286a89b04ddef06aa2e6bb52249443975ef930815226 | zip | ||
| 2025-07-18 11:19:34 | 34e6b320a46dfb80972c09af67c463c0abe8c525e863df66b7cb111a1157181f | zip | ||
| 2025-06-13 12:32:07 | 1c20b223d758502ace11f216a89a2897a61118de7b0cc6578da9a1116709f5b3 | zip |