URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name). This page shows all malware URLs that are associated with the host 159.203.102.4.

Database Entry


Host: 159.203.102.4
Firstseen:2019-11-08 21:10:02 UTC
Malware URLs:12

IP addresses


The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2019-11-08 21:10:03 159.203.102.4Not listedAS14061 DIGITALOCEAN-ASN- USyes

Malware URLs


The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2019-11-08 21:11:20http://159.203.102.4/apache2Offlinebashlite elf gafgyt ext @zbetcheckin
2019-11-08 21:11:17http://159.203.102.4/sshdOfflinebashlite elf gafgyt ext @zbetcheckin
2019-11-08 21:11:15http://159.203.102.4/bashOfflinebashlite elf gafgyt ext @zbetcheckin
2019-11-08 21:11:13http://159.203.102.4/[cpu]Offlinebashlite elf gafgyt ext @zbetcheckin
2019-11-08 21:11:10http://159.203.102.4/ntpdOfflinebashlite elf gafgyt ext @zbetcheckin
2019-11-08 21:11:08http://159.203.102.4/tftpOfflinebashlite elf gafgyt ext @zbetcheckin
2019-11-08 21:11:06http://159.203.102.4/cronOfflinebashlite elf gafgyt ext @zbetcheckin
2019-11-08 21:11:03http://159.203.102.4/pftpOfflinebashlite elf gafgyt ext @zbetcheckin
2019-11-08 21:10:11http://159.203.102.4/wgetOfflinebashlite elf gafgyt ext @zbetcheckin
2019-11-08 21:10:08http://159.203.102.4/opensshOfflinebashlite elf gafgyt ext @zbetcheckin
2019-11-08 21:10:06http://159.203.102.4/shOfflinebashlite elf gafgyt ext @zbetcheckin
2019-11-08 21:10:03http://159.203.102.4/ftpOfflinebashlite elf gafgyt ext @zbetcheckin