URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry


Host: fidarshimi.com
Domain registrar: OnlineNIC
Domain registration date: 2020-04-20 13:01:04 UTC
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Control D HaGeZi: Not blocked
Firstseen: 2022-09-20 13:49:04 UTC
Total malware sites: 1
A record(s) observed: 3

IP addresses


The table below shows all IP addresses observed for this particular host (in case the host is a domain name, all A records will be listed, including all historical ones). Please note that the output is limited to 10 entries.

| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2025-05-01 17:00:05 | 116.202.227.34 | decp11.intocpanel.com | Not listed | AS24940 HETZNER-AS | DE | yes |
| 2023-02-26 14:01:32 | 116.202.227.22 | decp11.mihanvps.com | Not listed | AS24940 HETZNER-AS | DE | no |
| 2022-09-20 13:49:07 | 136.243.131.100 | static.100.131.243.136.clients.your-server.de | Not listed | AS24940 HETZNER-AS | DE | no |

Malware URLs


The table below shows all malware URLs that are associated with this particular host.

| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2022-09-20 13:49:07 | https://fidarshimi.com/anz/OpenVPNGUI.exe | Offline | dropby N-W0rm PrivateLoader RedLineStealer ext | andretavare5 |

The table below shows recent payloads delivered by this host.
