URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: jsw.co.id
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Control D HaGeZi :Not blocked
Firstseen:2020-12-03 07:58:03 UTC
Total malware sites :17
Online malware sites :0 (0%)
Offline Malware sites :17 (100%)
A record(s) observed :4

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2025-04-27 08:22:08 103.30.147.113seturan.idweb.hostNot listedAS46050 JOGJACAMP-AS-ID- IDyes
2025-07-03 17:55:24 203.161.184.9seturan.idweb.hostNot listedAS46050 JOGJACAMP-AS-ID- IDno
2023-01-23 18:53:19 103.30.147.33payak.idweb.hostNot listedAS46050 JOGJACAMP-AS-ID- IDno
2020-12-03 07:58:06 202.52.146.24argosari.idweb.hostNot listedAS45324 GMEDIA-AS-ID- IDno

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2023-04-06 10:36:12http://jsw.co.id/system1/rrrr.exeOfflineexe opendir RedLineStealer ext abuse_ch
2023-04-06 10:36:12http://jsw.co.id/system1/crypt.exeOfflineexe opendir RedLineStealer ext abuse_ch
2023-04-06 10:35:14http://jsw.co.id/system1/Group.exeOfflineexe opendir rat RemcosRAT ext abuse_ch
2023-02-13 15:31:12http://jsw.co.id/system1/qqqqq.exeOfflineexe Loki ext abuse_ch
2023-02-07 08:52:11http://jsw.co.id/system1/aaaaa.exeOfflineexe Loki ext opendir abuse_ch
2023-02-07 08:52:11http://jsw.co.id/system1/v1lEZv1iR7EamDp.exeOfflineexe Loki ext opendir abuse_ch
2023-01-23 18:54:12http://jsw.co.id/system1/supply.exeOfflineAgentTesla ext exe opendir abuse_ch
2023-01-23 18:54:11http://jsw.co.id/system1/crypt2.exeOfflineAgentTesla ext exe opendir abuse_ch
2023-01-23 18:54:11http://jsw.co.id/system1/Hcf4hIfNKVD9T46.exeOfflineAgentTesla ext exe opendir abuse_ch
2023-01-23 18:53:19http://jsw.co.id/system1/c4.exeOfflineAgentTesla ext exe opendir abuse_ch
2021-03-08 13:02:39http://jsw.co.id/system2/UiwrxdrgDMulixc.exeOfflineAgentTesla ext exe jstrosch
2021-03-08 13:02:36http://jsw.co.id/system2/pyZ3UOnizdrMeQc.exeOfflineAgentTesla ext exe jstrosch
2021-03-04 07:33:10http://jsw.co.id/system2/eHmMJyS71c1gBMD.exeOfflineAgentTesla ext exe opendir abuse_ch
2021-03-04 07:33:07http://jsw.co.id/system2/I9DozbT4FD10i8T.exeOfflineAgentTesla ext exe opendir abuse_ch
2021-03-01 14:59:15http://jsw.co.id/system_/indexx.exeOfflineAgentTesla ext exe K_N1kolenko
2020-12-03 07:58:06http://jsw.co.id/systems2/boby%20(13333).exeOfflineAgentTesla ext exe opendir abuse_ch
2020-12-03 07:58:06http://jsw.co.id/systems2/lightnanocore.exeOfflineexe NanoCore ext opendir rat abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2023-04-06 10:36:12875d856c37fde99e43deb9fefb56e49a59687aa1fbf830b1b126168a29128e31exeRedLineStealer
2023-04-06 10:36:122cbbd2ddcf06673ed1ad758b71f2df75a21543ea149f15a73773ae90c6f5bce5exeRedLineStealer
2023-04-06 10:35:14d82562a1db289dff5085aee93a4a1bf572ee1ade364205e146a42667e02404d3exeRemcosRAT
2023-02-26 20:53:543e2f6ec5d299c785d30e65c3f48b2697b2dec1cd476f94882aca3986962bf27aexeLoki
2023-02-13 15:31:128cf5acb58e1cff07fa0279f116cf73a1f288aa186c138677c35a6baeffca0a83exeLoki
2023-02-07 08:52:111417d7a1c8a15742918f2642147257d87ef53f5b9e36f23c09cc31e00330d4b4exeLoki
2023-02-07 08:52:118609e1d5c447b9a77c1e151786125c55fd229f7bc7cd492e8b9bb766cda5d8f5exeLoki
2023-01-23 18:54:1261a4912c34ea05d5c180677feb003d686f608874b6c2ede97ee55e942f09bfd5exeAgentTesla
2023-01-23 18:54:1111182f6798be99d08c096d2f40d98dbab886ea80865744dc98f781d50fc4fdb7exeAgentTesla
2023-01-23 18:54:1159ab05310f9b369f794c927751f40fd7c9b0f32dc65726e6b89d570e8bc95204exeAgentTesla
2023-01-23 18:53:138a7d0fa7baba91123292f105a348bef627f11e64b187d656f0fb81baaa38f6c7exeAgentTesla
2021-03-04 07:33:1020649a9922f5fbcc070cf6d8455621b0891217ce1167f89c23ab6964abb90aaaexeAgentTesla
2021-03-04 07:33:076dfb862070c333d8b1c31169092b3d408f055a6275010ccc9204549e6986ca0bexeAgentTesla
2021-03-01 14:59:1539540a67e127cb27a4082b5e63f7d3d82963fec9f56e5a739f9f2b1a1e854baaexeAgentTesla
2020-12-03 07:58:05ea21a390c6c5044f6418d6bb9f4c989bfdebc109271fedde7fbea9d4622e0136exeAgentTesla
2020-12-03 07:58:05fb00dbb74f4759e719141608075ff88ad0241f6fbf19cbf23daa133098455a13exeNanoCore