URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | down.qqfarmer.com.cn |
|---|---|
| Domain registrar: | n/a |
| Domain registration date: | 2009-08-21 13:58:29 UTC |
| Spamhaus DBL : | Abused domain (malware) |
| SURBL : | Blocked |
| Quad9 : | Blocked |
| AdGuard : | Blocked |
| Cloudflare : | Blocked |
| ProtonDNS : | Blocked |
| OpenBLD : | Blocked |
| DNS4EU : | Not blocked |
| Control D HaGeZi : | Not blocked |
| Firstseen: | 2018-11-01 04:02:06 UTC |
| Total malware sites : | 2 |
| Online malware sites : | 1 (50%) |
| Offline Malware sites : | 1 (50%) |
| Newest active malware site : | 2024-08-29 14:15:02 UTC |
| Oldest active malware site : | 2024-08-29 14:15:02 UTC (Age: 1 year, 9 month, 6 days, 5 hours, 30 minutes) |
| A record(s) observed : | 1'311 |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2026-05-08 18:03:40 | 117.68.127.50 | Not listed | AS140527 CHINANET-ANHUI-WUHU-IDC |  CN | yes | |
| 2026-05-08 18:03:41 | 117.68.127.51 | Not listed | AS140527 CHINANET-ANHUI-WUHU-IDC | CN | yes | |
| 2026-05-13 18:37:20 | 117.68.89.19 | Not listed | AS140527 CHINANET-ANHUI-WUHU-IDC | CN | no | |
| 2026-05-13 18:37:20 | 117.68.89.20 | Not listed | AS140527 CHINANET-ANHUI-WUHU-IDC | CN | no | |
| 2026-05-12 18:02:01 | 117.68.89.32 | Not listed | AS140527 CHINANET-ANHUI-WUHU-IDC | CN | no | |
| 2026-05-14 06:31:06 | 117.68.89.33 | Not listed | AS140527 CHINANET-ANHUI-WUHU-IDC | CN | no | |
| 2026-04-08 04:06:47 | 180.163.146.15 | Not listed | AS4811 CHINANET-SHANGHAI-MAN | CN | no | |
| 2026-02-25 02:26:55 | 180.163.146.19 | Not listed | AS4811 CHINANET-SHANGHAI-MAN | CN | no | |
| 2026-02-25 02:26:53 | 180.163.146.31 | Not listed | AS4811 CHINANET-SHANGHAI-MAN | CN | no | |
| 2026-02-25 02:26:55 | 180.163.146.32 | Not listed | AS4811 CHINANET-SHANGHAI-MAN | CN | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2024-08-29 14:15:02 | http://down.qqfarmer.com.cn/QQHelper_1540.exe | Online | AZORult  exe |  SynapticShaam |
| 2018-11-01 04:02:14 | http://down.qqfarmer.com.cn/QQHelper_1400.exe | Offline | exe |  zbetcheckin |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2026-05-01 11:33:34 | 4900bf4dbb5b8b62f232f1748cb1c41e1c9486385e4cba31796c7d9dd61fe6c0 | exe | ||
| 2025-04-17 09:38:48 | ce98d9fee4bbde3b245fc5a2967b1ae959e83d6e30bd21f4deee6ef0385757b7 | exe | ||
| 2025-03-15 01:25:52 | 060ab0949a9babb536a1858c1145ecf7a86c30b7ab28348f3ef48cd7b9c13498 | exe | ||
| 2025-03-14 18:36:03 | 32705440d258d0df1d6c440ad88160b496d909272353a8aea5e25599a0c25d8c | exe | ||
| 2025-01-25 23:12:51 | ecca5fba5ed62e9745db14b966bd8c3aadd73b5a77376176146c373f6d78a93f | exe | ||
| 2025-01-25 16:56:28 | 9413e3a4a582f5f99e5b913ddabc132a5f5ede7a7d595e1e9230dfa053303bf6 | exe | ||
| 2024-11-30 18:38:56 | 5096c6becd338f3afc2c7a29124a78745bc188663746861de0fc0a7b5dcd5546 | exe | ||
| 2024-08-29 14:14:12 | 4f91f9c5d3baf612a1920ae8b2c49a1ee9850d018e308f8e65184a9046138658 | exe | AZORult |