URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: 202.61.139.18
Firstseen:2025-09-28 06:32:04 UTC
Total malware sites :19
Online malware sites :0 (0%)
Offline Malware sites :19 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2025-09-28 06:32:39 202.61.139.18SBL669380AS152194 CTGSERVERLIMITED-AS-AP- SGyes

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2025-09-28 14:18:46http://202.61.139.18:65120/linux_mipsel_softfloatOfflineelf geofenced Kaiji opendir ua-wget USA botnetkiller
2025-09-28 14:18:45http://202.61.139.18:65120/linux_mipsOfflineelf geofenced Kaiji opendir ua-wget USA botnetkiller
2025-09-28 14:18:45http://202.61.139.18:65120/linux_mips64_softfloatOfflineelf geofenced Kaiji opendir ua-wget USA botnetkiller
2025-09-28 14:18:45http://202.61.139.18:65120/linux_mips64Offlineelf geofenced Kaiji opendir ua-wget USA botnetkiller
2025-09-28 14:18:42http://202.61.139.18:65120/linux_mips64el_softf...Offlineelf geofenced Kaiji opendir ua-wget USA botnetkiller
2025-09-28 14:18:42http://202.61.139.18:65120/linux_mips_softfloatOfflineelf geofenced Kaiji opendir ua-wget USA botnetkiller
2025-09-28 14:18:41http://202.61.139.18:65120/linux_mips64elOfflineelf geofenced Kaiji opendir ua-wget USA botnetkiller
2025-09-28 14:18:38http://202.61.139.18:65120/linux_mipselOfflineelf geofenced Kaiji opendir ua-wget USA botnetkiller
2025-09-28 14:18:36http://202.61.139.18:65120/linux_arm64Offlineelf geofenced Kaiji opendir ua-wget USA botnetkiller
2025-09-28 14:18:36http://202.61.139.18:65120/linux_amd64Offlineelf geofenced Kaiji opendir ua-wget USA botnetkiller
2025-09-28 14:18:35http://202.61.139.18:65120/linux_arm6Offlineelf geofenced Kaiji opendir ua-wget USA botnetkiller
2025-09-28 14:18:34http://202.61.139.18:65120/linux_arm5Offlineelf geofenced Kaiji opendir ua-wget USA botnetkiller
2025-09-28 14:18:34http://202.61.139.18:65120/linux_arm7Offlineelf geofenced Kaiji opendir ua-wget USA botnetkiller
2025-09-28 14:18:32http://202.61.139.18:65120/linux_386Offlineelf geofenced Kaiji opendir ua-wget USA botnetkiller
2025-09-28 14:18:31http://202.61.139.18:65120/linux_ppc64elOfflineelf geofenced Kaiji opendir ua-wget USA botnetkiller
2025-09-28 14:17:15http://202.61.139.18:65120/linux_ppc64Offlineelf geofenced Kaiji opendir ua-wget USA botnetkiller
2025-09-28 14:17:10http://202.61.139.18:65120/win.exeOfflineChaos exe opendir botnetkiller
2025-09-28 14:17:09http://202.61.139.18:65120/download.shOfflinegeofenced opendir sh ua-wget USA botnetkiller
2025-09-28 06:32:39http://202.61.139.18:808/download.shOfflinegeofenced opendir sh ua-wget USA botnetkiller

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2025-10-01 22:57:35eaf2f72b30f65be112e05c6ab5d4cd3df59155b97ac4f2e8f4bc589e966ae6c3elfKaiji
2025-10-01 04:25:4508310988e36012cabcfbb00d1aa0790117ff5f6d60572d974a452acb3ad2b400txt  
2025-09-28 14:18:46b06221aab526dfe8fb1b5233cbc62d6aa5b253c3f9aa2d7bceed8641405a4e06elfKaiji
2025-09-28 14:18:451c1046e173b4584a76869f3d9132dbb034acecda3837b23781f09c2678787a11elfKaiji
2025-09-28 14:18:456cb332c4248a7e6fdbffd4c36e3afa3f93a561f0f4836b5af9cfead5abd83cadelfKaiji
2025-09-28 14:18:456cb332c4248a7e6fdbffd4c36e3afa3f93a561f0f4836b5af9cfead5abd83cadelfKaiji
2025-09-28 14:18:426b2d4b72f1e5302f8db2683de4c2406c1057d74c2412fba669e4c5dbfd14c198elfKaiji
2025-09-28 14:18:424c93ed6a555c9202b0ff263607a1c39d8e2abe211c57b5f9d4acc80c9dc285c1elfKaiji
2025-09-28 14:18:416b2d4b72f1e5302f8db2683de4c2406c1057d74c2412fba669e4c5dbfd14c198elfKaiji
2025-09-28 14:18:3859d04334276a73bffdc8108362512e816b98991c8f2d66468fb2b7448dd46aa1elfKaiji
2025-09-28 14:18:36fb58552f2e41f83d38518142997eab68d9f1068b597ad43549ab44f9b2621af5elfKaiji
2025-09-28 14:18:360f126026a9a676a84ba2b93f152d7646626ad4b8e984025969bbd5c60a274775elfKaiji
2025-09-28 14:18:3500adc960a4c5b25828f84d45e8225c08e66cb9315cb745702b3007e1f7bb1a80elfKaiji
2025-09-28 14:18:349f9a1a829a4e61207cf6358d1c7fd9055204840a7be07ea6844d2aaf7913db6delfKaiji
2025-09-28 14:18:345079d694a0165fa0ffe864e00bc63619e4a77eaeb9652cf63a89dfee59887abdelfKaiji
2025-09-28 14:18:328a9d002bbce07fd74f8f9bba8196f84c348b30d2c1b965cdddbc1f8bee359790elfKaiji
2025-09-28 14:18:31a039d85be5679970d2af85f662c5018f6b51e47d0a7fc146d16d72cd525692adelfKaiji
2025-09-28 14:17:15b760ca2501fce0675753455ba5bf36f4518b253ee6617a2b28ad6f9c0adefcf9elfKaiji
2025-09-28 14:17:1019b2d144baa5343de7ffad9d60724b7af4dc612e2e456c7a85382adfb4f24e54exeRansomware.Chaos
2025-09-28 14:17:0908310988e36012cabcfbb00d1aa0790117ff5f6d60572d974a452acb3ad2b400txt