URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	176.65.139.42
Firstseen:	2026-03-07 16:02:05 UTC
Total malware sites :	21
Online malware sites :	1 (5%)
Offline Malware sites :	20 (95%)
Newest active malware site :	2026-04-04 21:22:10 UTC
Oldest active malware site :	2026-04-04 21:22:10 UTC (Age: 1 day, 3 hours, 40 minutes)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2026-03-07 16:02:09	176.65.139.42		SBL679274	AS214472 STORMINDUSTRIES	LU	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2026-04-05 04:12:05	http://176.65.139.42:8080/per.go	Offline	CoinMiner Go opendir ua-wget	botnetkiller
2026-04-05 04:11:16	http://176.65.139.42:8080/per	Offline	CoinMiner elf opendir ua-wget	botnetkiller
2026-04-04 21:22:10	http://176.65.139.42:8080/proxyv2.sh	Online	CoinMiner opendir sh ua-wget	botnetkiller
2026-04-04 16:58:19	http://176.65.139.42:8080/dob.sh	Offline	CoinMiner opendir sh ua-wget	botnetkiller
2026-04-04 16:57:21	http://176.65.139.42:8080/get1.sh	Offline	CoinMiner opendir sh ua-wget	botnetkiller
2026-04-04 16:57:21	http://176.65.139.42:8080/proxy.sh	Offline	CoinMiner opendir sh ua-wget	botnetkiller
2026-04-04 16:57:17	http://176.65.139.42:8080/get.sh	Offline	CoinMiner opendir sh ua-wget	botnetkiller
2026-04-04 02:16:10	http://176.65.139.42:8080/apt0.sh	Offline	CoinMiner opendir sh ua-wget	botnetkiller
2026-03-10 02:01:05	http://176.65.139.42/bins/cool.sh	Offline	geofenced mirai opendir sh ua-wget USA	botnetkiller
2026-03-07 16:02:12	http://176.65.139.42/bins/x86_64	Offline	elf geofenced mirai ua-wget USA	botnetkiller
2026-03-07 16:02:11	http://176.65.139.42/bins/sh4	Offline	elf geofenced mirai ua-wget USA	botnetkiller
2026-03-07 16:02:10	http://176.65.139.42/bins/ppc	Offline	elf geofenced mirai ua-wget USA	botnetkiller
2026-03-07 16:02:10	http://176.65.139.42/bins/arm7	Offline	elf geofenced mirai ua-wget USA	botnetkiller
2026-03-07 16:02:10	http://176.65.139.42/bins/x86	Offline	elf geofenced mirai ua-wget USA	botnetkiller
2026-03-07 16:02:10	http://176.65.139.42/bins/arm6	Offline	elf geofenced mirai ua-wget USA	botnetkiller
2026-03-07 16:02:10	http://176.65.139.42/bins/arm	Offline	elf geofenced mirai ua-wget USA	botnetkiller
2026-03-07 16:02:10	http://176.65.139.42/bins/spc	Offline	elf geofenced mirai ua-wget USA	botnetkiller
2026-03-07 16:02:10	http://176.65.139.42/bins/mipsel	Offline	elf geofenced mirai ua-wget USA	botnetkiller
2026-03-07 16:02:10	http://176.65.139.42/bins/m68k	Offline	elf geofenced mirai ua-wget USA	botnetkiller
2026-03-07 16:02:09	http://176.65.139.42/bins/mips	Offline	elf geofenced mirai ua-wget USA	botnetkiller
2026-03-07 16:02:09	http://176.65.139.42/bins/arm5	Offline	elf geofenced mirai ua-wget USA	botnetkiller

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2026-04-05 04:11:15	0b55d648d53d5865de199eb1ebd72184036aea0857cebd347b6bb8eb4ccfd714	elf
2026-04-05 04:05:27	8dc79c044f08ba417cbec8a4e50d71de29351e9a657121fcdad3f32041a74ff7	sh
2026-04-04 21:22:10	dbd1594b55ec5174a4f9287f88f7c70e3727696f2e6aaaba372da395a97c75d6	sh
2026-04-04 16:58:19	f5213422073f752fe534ac6e88b777b728dc9a85474ae577c92ec8db5692b961	sh
2026-04-04 16:57:21	6bfcf6860490b0952ee283f22b0f5cb536a48a6e3d8676b2596e68651929fed2	sh
2026-04-04 16:57:21	49f7c39a65dd92b1d4e266d99c239253197f48d07d5c8ca2dbcb086ddc9c4751	sh
2026-04-04 16:57:17	76447a4f69bb57266c1fc004b08cf69ade02d0b8db73a4e3d903b9d72732f7ad	sh
2026-04-04 02:16:10	4f361ec950cc375e21caab543e37b463e0a5dc3d7f8d8d188f3498932cd46d5c	sh	CoinMiner
2026-03-08 22:01:22	0e4bf8be4a390438e0582a3659a5348da41d2c92ea29ede35190a06c30bd0bac	elf	Mirai
2026-03-08 03:25:50	919e8fb3bc3efa6fc014c99ad056ef43eb01a1d1d00a7bcdcd2ee58e099c4a8a	elf	Mirai
2026-03-07 16:02:12	7fc132b9b986683ae456c4d31b98427008584d9b0ff05684804419c7bb5ae585	elf	Mirai
2026-03-07 16:02:11	91621d0c2c33c6108dc9c6b49cd081a5bf3f6c50f3f75dbb6be80c7332f2accf	elf	Mirai
2026-03-07 16:02:10	39d68839e8a19b23d13e68bae166b5ae36596fe9831decaf68d5f1d1e2f1588d	elf	Mirai
2026-03-07 16:02:10	375b90f092061faa5842a013514d17dca2f9d1f326c73aaece02759875ae1fe0	elf	Mirai
2026-03-07 16:02:10	002755d98cede8bf9bb7fa3dd4665cb35aaa8ac3b7b3ad4a81befb64622cbe55	elf	Mirai
2026-03-07 16:02:10	fd78729bffc56f9801c75072511c81bc29c530d05af5b614dcde352b6f1dbf5a	elf	Mirai
2026-03-07 16:02:10	bac8eaae693e2d7b18b917d8c52e00eeefdc9bf1014b324a0b1ab16b7f3e13ef	elf	Mirai
2026-03-07 16:02:10	b7b86adb378b1c9dd37e9b34327be1c54b1ee44e122b12d6c73ea1eb49fb9913	elf	Mirai
2026-03-07 16:02:10	7b9ba082df5fd5dbcba73175f3bba57ddccef25fce1512c0708367bbd0fb3859	elf	Mirai
2026-03-07 16:02:09	2967f78d71dc4c0f29f1a4b8c2dd40cb0a2db03ed09e4fb0c577e7f5ea0299ae	elf	Mirai
2026-03-07 16:02:09	126bb7fe59f613f236a4e007a19b4952241162b3af3f8a41e1b2faefd6746f67	elf	Mirai
2026-03-07 16:02:09	bf113dd0b032f4abd156a6fc9af4928463b3882e554eb1fea5b4df5885b58213	elf	Mirai