URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	176.65.139.64
Firstseen:	2026-03-30 12:40:06 UTC
Total malware sites :	16
Online malware sites :	16 (100%)
Offline Malware sites :	0 (0%)
Newest active malware site :	2026-03-31 10:59:17 UTC
Oldest active malware site :	2026-03-30 12:40:08 UTC (Age: 1 day, 8 hours, 48 minutes)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2026-03-30 12:40:08	176.65.139.64		SBL679274	AS214472 STORMINDUSTRIES	LU	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2026-03-31 10:59:17	http://176.65.139.64/spc	Online	elf mirai ua-wget	BlinkzSec
2026-03-31 10:58:13	http://176.65.139.64/arm4	Online	elf mirai ua-wget	BlinkzSec
2026-03-31 10:57:17	http://176.65.139.64/i486	Online	elf mirai ua-wget	BlinkzSec
2026-03-30 23:12:17	http://176.65.139.64//arm5	Online	arm elf mirai ua-wget	botnetkiller
2026-03-30 23:12:17	http://176.65.139.64//arm7	Online	arm elf mirai ua-wget	botnetkiller
2026-03-30 23:12:17	http://176.65.139.64//sh4	Online	elf mirai SuperH ua-wget	botnetkiller
2026-03-30 23:12:17	http://176.65.139.64//x86	Online	elf mirai ua-wget x86	botnetkiller
2026-03-30 23:12:17	http://176.65.139.64//arc	Online	arc elf mirai ua-wget	botnetkiller
2026-03-30 23:12:17	http://176.65.139.64//mips	Online	elf mips mirai ua-wget	botnetkiller
2026-03-30 23:12:17	http://176.65.139.64//i686	Online	elf mirai ua-wget x86	botnetkiller
2026-03-30 23:11:14	http://176.65.139.64//ppc	Online	elf mirai PowerPC ua-wget	botnetkiller
2026-03-30 23:11:14	http://176.65.139.64//x86_64	Online	elf mirai ua-wget x86	botnetkiller
2026-03-30 23:11:14	http://176.65.139.64//m68k	Online	elf m68k mirai ua-wget	botnetkiller
2026-03-30 23:11:14	http://176.65.139.64//arm6	Online	arm elf mirai ua-wget	botnetkiller
2026-03-30 23:11:14	http://176.65.139.64//mpsl	Online	elf mips mirai ua-wget	botnetkiller
2026-03-30 12:40:08	http://176.65.139.64/ohshit.sh	Online	mirai script	geenensp

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2026-03-31 10:59:17	bca785f9414b03e36fd19239ef8ac56a36f5075c9275886e67f36977791af61f	elf	Mirai
2026-03-31 10:58:13	f73a91223fd07749822aa74d2bfe5be447ea4e0dbbfb882f7038a143f3cf34f6	elf	Mirai
2026-03-31 10:57:17	3398f6aa08fd21b87a404c8535b9da157ede1cffd5561ec8a66f2f5434e795c5	elf	Mirai
2026-03-30 23:12:17	4885331407de9b6c53c1745baf61d02cee868378f20e9d4e52f9319af7e57d62	elf	Mirai
2026-03-30 23:12:17	96f0ddb6fbf3fc415f57ddb5bcd0b815e0d7b40b9106003bcbb899d129035bc9	elf	Mirai
2026-03-30 23:12:17	12bad2f53d559715b93055ddcc760356e5d190dcbf9c0756d1ec46eecbfdf179	elf	Mirai
2026-03-30 23:12:17	ab6132b08cb8dd8ffcfbe47b39f44029d8cb3fa99d84c05e75b17338fee51357	elf	Mirai
2026-03-30 23:12:17	9f231e84ed3e25365ba6b42ef20deaa1321331954228b8928910a874b38f6296	elf	Mirai
2026-03-30 23:12:17	e4a6d32addb98d951d353880e05a080fa8cdeda2118b8e7937832fa9417c8e60	elf	Mirai
2026-03-30 23:12:17	fe670335a7b4191791ed95670f5e1fa40560169d5872d8b88d82f09ec9f9d5f1	elf	Mirai
2026-03-30 23:11:14	c74e8151940f4afed1ac9503af18f0d93d7ea95f41de82e14f948570c5c79947	elf	Mirai
2026-03-30 23:11:14	af13b739773d218822065ab005d7eb7a7ff013b40c498dddc072dad0951f4793	elf	Mirai
2026-03-30 23:11:14	4e965cf78d36680d88890fc0df2e41d81f289c407eae66bb4749532f04240e92	elf	Mirai
2026-03-30 23:11:14	c2acf0de72dfd618430422265f411c51618fbeb721cf8460c4cf34e1e3b70077	elf	Mirai
2026-03-30 23:11:14	446f4e4d25f2b3a99a034b1fb2b4b0fee48a82ba02346f068f2bbf5238e38f21	elf	Mirai
2026-03-30 12:40:08	e85e295ea489ab1650f656897ee0fd9d4e1ff1f115b2f6af7fa90eb6e469112a	sh	Mirai