URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry


Host: 104.168.101.215
Firstseen: 2024-09-01 11:45:05 UTC
Total malware sites: 27
Online malware sites: 0 (0%)
Offline malware sites: 27 (100%)

IP addresses


The table below shows all IP addresses observed for this particular host (in case the host is a domain name, all A records will be listed, including all historical ones). Please note that the output is limited to 10 entries.

Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active?
2024-09-01 11:45:07 | 104.168.101.215 | bigdatahospit14e.geranioflloriis.cfd | Not listed | AS36352 AS-COLOCROSSING | US | yes

Malware URLs


The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC) | URL | Status | Tags | Reporter
2024-09-26 19:40:07 | http://104.168.101.215/testc | Offline | mirai ext opendir sh | NDA0E
2024-09-26 19:40:07 | http://104.168.101.215/mass | Offline | mirai ext opendir sh | NDA0E
2024-09-26 18:20:07 | http://104.168.101.215/4g | Offline | mirai ext sh shellscript ua-wget | BlinkzSec
2024-09-26 18:19:05 | http://104.168.101.215/arm | Offline | elf ua-wget | BlinkzSec
2024-09-26 18:19:05 | http://104.168.101.215/arm5 | Offline | elf ua-wget | BlinkzSec
2024-09-26 18:19:05 | http://104.168.101.215/arm7 | Offline | elf ua-wget | BlinkzSec
2024-09-26 18:19:05 | http://104.168.101.215/x86 | Offline | elf ua-wget | BlinkzSec
2024-09-26 18:19:05 | http://104.168.101.215/aarch64 | Offline | elf ua-wget | BlinkzSec
2024-09-26 18:19:05 | http://104.168.101.215/mpsl | Offline | elf ua-wget | BlinkzSec
2024-09-26 18:19:05 | http://104.168.101.215/mips | Offline | elf ua-wget | BlinkzSec
2024-09-26 14:52:05 | http://104.168.101.215/t | Offline | mirai ext sh | Anonymous
2024-09-06 21:14:05 | http://104.168.101.215/bins/sora.arm7 | Offline | 32-bit elf | threatquery
2024-09-06 21:14:05 | http://104.168.101.215/bins/sora.arm | Offline | 32-bit elf | threatquery
2024-09-05 09:28:05 | http://104.168.101.215/bins/bot.arm | Offline | 32-bit elf | threatquery
2024-09-01 11:46:07 | http://104.168.101.215/bins/jew.arm7 | Offline | elf jew opendir | NDA0E
2024-09-01 11:46:07 | http://104.168.101.215/bins/jew.x86 | Offline | elf jew opendir | NDA0E
2024-09-01 11:46:07 | http://104.168.101.215/bins/jew.mips | Offline | elf jew opendir | NDA0E
2024-09-01 11:46:07 | http://104.168.101.215/bins/jew.arm6 | Offline | elf jew opendir | NDA0E
2024-09-01 11:46:07 | http://104.168.101.215/bins/jew.arm | Offline | elf jew opendir | NDA0E
2024-09-01 11:46:06 | http://104.168.101.215/bins/jew.mpsl | Offline | elf jew opendir | NDA0E
2024-09-01 11:46:06 | http://104.168.101.215/bins/jew.m68k | Offline | elf jew opendir | NDA0E
2024-09-01 11:46:06 | http://104.168.101.215/bins/jew.spc | Offline | elf jew opendir | NDA0E
2024-09-01 11:46:06 | http://104.168.101.215/bins/jew.sh4 | Offline | elf jew opendir | NDA0E
2024-09-01 11:46:06 | http://104.168.101.215/bins/jew.arm5 | Offline | elf jew opendir | NDA0E
2024-09-01 11:46:06 | http://104.168.101.215/bins/jew.ppc | Offline | elf jew opendir | NDA0E
2024-09-01 11:45:07 | http://104.168.101.215/wget.sh | Offline | jew mirai ext opendir sh | NDA0E
2024-09-01 11:45:07 | http://104.168.101.215/jewn.sh | Offline | jew mirai ext opendir sh | NDA0E

The table below shows recent payloads delivered by this host.
