URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	193.35.154.205
Firstseen:	2025-12-13 02:31:05 UTC
Total malware sites :	17
Online malware sites :	0 (0%)
Offline Malware sites :	17 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-12-13 02:31:10	193.35.154.205		Not listed	AS212219 HostingDunyam	TR	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2025-12-25 07:57:15	http://193.35.154.205/i.mips	Offline	elf gafgyt ua-wget	abuse_ch
2025-12-25 07:56:12	http://193.35.154.205/i.arm4	Offline	elf gafgyt ua-wget	abuse_ch
2025-12-25 07:56:12	http://193.35.154.205/i.x86	Offline	elf gafgyt ua-wget	abuse_ch
2025-12-25 07:55:15	http://193.35.154.205/i.arm5	Offline	elf gafgyt ua-wget	abuse_ch
2025-12-25 07:55:15	http://193.35.154.205/i.mpsl	Offline	elf gafgyt ua-wget	abuse_ch
2025-12-25 07:55:15	http://193.35.154.205/i.arm6	Offline	elf gafgyt ua-wget	abuse_ch
2025-12-13 11:13:08	http://193.35.154.205/config4.json	Offline	CoinMiner config geofenced json ua-wget USA	botnetkiller
2025-12-13 07:54:14	http://193.35.154.205/bins.sh	Offline	gafgyt sh ua-wget	BlinkzSec
2025-12-13 02:31:25	http://193.35.154.205/xmrigMiner	Offline	CoinMiner elf geofenced mirai ua-wget USA x86	botnetkiller
2025-12-13 02:31:11	http://193.35.154.205/ionetworks.mpsl	Offline	elf gafgyt geofenced mips mirai ua-wget USA	botnetkiller
2025-12-13 02:31:10	http://193.35.154.205/zzh.sh	Offline	gafgyt geofenced mirai sh ua-wget USA	botnetkiller
2025-12-13 02:31:10	http://193.35.154.205/ionetworks.x86	Offline	elf gafgyt geofenced mirai ua-wget USA x86	botnetkiller
2025-12-13 02:31:10	http://193.35.154.205/ionetworks.mips	Offline	elf gafgyt geofenced mips mirai ua-wget USA	botnetkiller
2025-12-13 02:31:10	http://193.35.154.205/ionetworks.arm5	Offline	arm elf gafgyt geofenced mirai ua-wget USA	botnetkiller
2025-12-13 02:31:10	http://193.35.154.205/ionetworks.arm6	Offline	arm elf gafgyt geofenced mirai ua-wget USA	botnetkiller
2025-12-13 02:31:10	http://193.35.154.205/xmrigDaemon	Offline	elf geofenced ua-wget USA x86	botnetkiller
2025-12-13 02:31:10	http://193.35.154.205/ionetworks.arm4	Offline	arm elf gafgyt geofenced mirai ua-wget USA	botnetkiller

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2025-12-25 12:13:43	792b4b69b7dd3e1205a56ff0fb8b6b98ca040b5cdeda9b772563e6bd033d5e13	elf	CoinMiner
2025-12-25 07:57:15	2bb94741a7895cda8fc140564b8ab55cd27e52fd424f85d272c301765e7bf4f5	elf	Gafgyt
2025-12-25 07:56:12	9ab9f9bf8364e6f822e831e5fbe9611d6a5c09e9c03e173e5004d47c3cb4ff68	elf	Gafgyt
2025-12-25 07:56:12	dfb56c4ba7ae7f510113b3dcac04a9a0f7090d76949ee04235c02796e2a30f1f	elf	Gafgyt
2025-12-25 07:55:15	de2027289623210a2aeb746f8de4c6a92b080add00434ee0af27989990b5ddea	elf	Gafgyt
2025-12-25 07:55:15	a0d426e272559427d65ee72a20eb0693019d79d68b59c4d2d9c5af6523903023	elf	Gafgyt
2025-12-25 07:55:15	ef4953e007c080c371031a968ece2364114b10ab2dfee916498aa1f7a6f224cd	elf	Gafgyt
2025-12-25 01:01:32	83ced3e53dd56af0edeb969a05d04ce3475d71e5c8d7d2a36b9530d4b05843a4	json
2025-12-25 00:40:21	062f19f3c8f948c4d88ed7a163207f02014708635f57ac17c77e4aabfb10d264	sh	Gafgyt
2025-12-25 00:06:54	84e230e4478ca72929533d74eefe9bfce93d013a82cdcdb59032280bb7d30045	elf
2025-12-13 11:13:07	c8acef4111b8c9ef736d1ea5d726bfd1be2046a70932b10309c78c45f5403c64	json
2025-12-13 07:54:14	a22c52f0d1142da1eca1c715efdfdbac7a40d7764ce80517a83fc18f3f1778ee	sh	Gafgyt
2025-12-13 04:47:19	e39b55b4e62f5cd54ad2a0160478107a70b3bf347e05b152307f14111a5d2d76	elf	Mirai
2025-12-13 02:31:11	fbeffc678b3931304d95983bc5d9d817d132a0c5d3e2e23f4a27e501afa663e4	elf	Gafgyt
2025-12-13 02:31:10	0ea2d73e47b8642b24371be112fb04e455bc8577fa17911bd17793887cedeb7e	elf
2025-12-13 02:31:10	bd71a74141ac31ea87ac42c7e6837177422576b35e4c5b940ee5f2725b2a9ba7	elf	Gafgyt
2025-12-13 02:31:10	0f622b258be87d3f91224168c366b1c5de90af6fdcf941e2d8b72d0ad40cd4a4	elf	Gafgyt
2025-12-13 02:31:10	a4cb5422b2a7e49ad24ab4a80a1938fd0989e18d29541389ff6e4d37e40fb296	elf	Gafgyt
2025-12-13 02:31:10	d2670dd44eb6690c5f51e500da348566473f84665992d899c816fb66834a9081	elf	Gafgyt
2025-12-13 02:31:10	13f166bc0c57ed6f23acf5613c8366e0d4cfab1ca97b2689a841d48b9f237a14	elf	Gafgyt
2025-12-13 02:31:10	8436e9fc86edbd9ade63c6a8bf00b4ae4470cd27159417d0ff62955365f5857c	sh	Gafgyt