URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	176.65.139.174
Firstseen:	2026-05-08 11:17:05 UTC
Total malware sites :	21
Online malware sites :	0 (0%)
Offline Malware sites :	21 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2026-05-08 11:17:17	176.65.139.174		SBL679274	AS214472 STORMINDUSTRIES	LU	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2026-05-16 14:27:07	http://176.65.139.174/spread_fern.sh	Offline	176-65-139-174 ua-wget	BlinkzSec
2026-05-16 14:27:07	http://176.65.139.174/fern_bot	Offline	176-65-139-174 ua-wget	BlinkzSec
2026-05-16 14:26:08	http://176.65.139.174/fern_arm	Offline	176-65-139-174 mirai ua-wget	BlinkzSec
2026-05-16 14:26:08	http://176.65.139.174/fern_final_arm	Offline	176-65-139-174 mirai ua-wget	BlinkzSec
2026-05-16 14:26:08	http://176.65.139.174/fern_arm64	Offline	176-65-139-174 ua-wget	BlinkzSec
2026-05-16 14:26:08	http://176.65.139.174/mass_fingerprint.sh	Offline	176-65-139-174 ua-wget	BlinkzSec
2026-05-16 14:26:08	http://176.65.139.174/fern_server.c	Offline	176-65-139-174 ua-wget	BlinkzSec
2026-05-16 14:26:08	http://176.65.139.174/fern.b64	Offline	176-65-139-174 ua-wget	BlinkzSec
2026-05-16 14:26:08	http://176.65.139.174/mass_deploy.sh	Offline	176-65-139-174 ua-wget	BlinkzSec
2026-05-16 14:26:08	http://176.65.139.174/fern_bot.c	Offline	176-65-139-174 ua-wget	BlinkzSec
2026-05-10 11:29:20	http://176.65.139.174/xtc.mips	Offline	176-65-139-174 mirai ua-wget	BlinkzSec
2026-05-10 11:29:20	http://176.65.139.174/xtc.mpsl	Offline	176-65-139-174 mirai ua-wget	BlinkzSec
2026-05-10 11:29:19	http://176.65.139.174/xtc.x86	Offline	176-65-139-174 mirai ua-wget	BlinkzSec
2026-05-10 11:29:08	http://176.65.139.174/xtc.arm7	Offline	176-65-139-174 mirai ua-wget	BlinkzSec
2026-05-10 11:29:07	http://176.65.139.174/xtc.arm	Offline	176-65-139-174 mirai ua-wget	BlinkzSec
2026-05-10 11:29:07	http://176.65.139.174/xtc.arm6	Offline	176-65-139-174 mirai ua-wget	BlinkzSec
2026-05-10 11:29:07	http://176.65.139.174/xtc.ppc	Offline	176-65-139-174 mirai ua-wget	BlinkzSec
2026-05-10 11:29:07	http://176.65.139.174/xtc.sh4	Offline	176-65-139-174 mirai ua-wget	BlinkzSec
2026-05-10 11:29:06	http://176.65.139.174/xtc.x86_64	Offline	176-65-139-174 mirai ua-wget	BlinkzSec
2026-05-10 11:29:06	http://176.65.139.174/xtc.arm5	Offline	176-65-139-174 mirai ua-wget	BlinkzSec
2026-05-08 11:17:17	http://176.65.139.174/x	Offline	176-65-139-174 sh ua-wget	BlinkzSec

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2026-05-16 14:27:07	f1ae8db29227ce3c51c80a31027dcc326e73dc98e596cf898c94f109e003ab75	elf
2026-05-16 14:27:07	742345c53671e85c327ff9e1883eee28d190119b751e2fe96d8be4074716dd29	sh
2026-05-16 14:26:08	cf8d143ffc18a1918e582024891968d64fd487b991aafa6514d74e8566231a18	sh
2026-05-16 14:26:08	dcd5f41060d328907ebf9c1d966f20ea91a9a2a9ab6a769756e89db6d749900d	elf
2026-05-16 14:26:08	babf913dd844ec3d8be0b10986a0d9c5214b503551cfcb1b1a7563c2224e5a68	elf	Mirai
2026-05-16 14:26:08	ffa58f6141bae0c88d26dd9a5cfb4294137228c42d1ed5bf738734e8e338e804	elf	Mirai
2026-05-10 13:04:16	1d2fb9e62366f88b3b9a9906393abc00fbcee3c3853ee9b42b0ae87955b90c5e	elf	Mirai
2026-05-10 12:51:58	e6a5e43bd602bee11f85a18b60e271c7b62dc7ab6af4abb01e53b7b0d0ba8ac0	elf	Mirai
2026-05-10 12:32:17	4fdb4cb819eabf2c283b99a0bb4f0dfd647a460b081844f03957fc3c444d783c	elf	Mirai
2026-05-10 11:29:07	22ee6a56690aaa637dc669309b264cf59a7e18677fd73850702673da7323b914	elf	Mirai
2026-05-10 11:29:07	4b9b2e991d9f591aa7be6e65a21d5a9910f7673fae8895823f79981da14b92e8	elf	Mirai
2026-05-10 11:29:07	6d1dc1b4c1d9b9714fad4cddfcd5e9811e6a17176dfbd7dc310d3d9eba673518	elf	Mirai
2026-05-10 11:29:07	342e9f1a8dfc430bf002e8848abcc710dd8960ad701479169298c380629489a7	elf	Mirai
2026-05-10 11:29:07	36b78bfc84e968cbb25826e386c95ed94d4d1c17e15b422d61e07759ef459de9	elf	Mirai
2026-05-10 11:29:06	3772d371c8d92668e9c6f3b34ab854546afe9e5adfeb802057bb45e7ee3efeb9	elf	Mirai
2026-05-10 11:29:06	572b8ea63cb65507fc86050c6649cb5f965541f35e4797b351bddf703c22c232	elf	Mirai