URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | 31.59.136.111 |
|---|---|
| Firstseen: | 2026-02-08 13:52:04 UTC |
| Total malware sites : | 11 |
| Online malware sites : | 10 (91%) |
| Offline Malware sites : | 1 (9%) |
| Newest active malware site : | 2026-02-08 19:32:16 UTC |
| Oldest active malware site : | 2026-02-08 13:52:11 UTC (Age: 1 day, 7 hours, 31 minutes) |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2026-02-08 13:52:11 | 31.59.136.111 | Not listed | AS56971 AS56971 |  US | yes |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2026-02-08 19:32:16 | http://31.59.136.111/cc.sh | Online | sh ua-wget |  NDA0E |
| 2026-02-08 19:32:16 | http://31.59.136.111/ds.sh | Online | sh ua-wget | NDA0E |
| 2026-02-08 19:32:12 | http://31.59.136.111/cf | Offline | sh ua-wget | NDA0E |
| 2026-02-08 19:30:29 | http://31.59.136.111/tcp | Online | elf mirai  ua-wget | NDA0E |
| 2026-02-08 19:30:20 | http://31.59.136.111/ntp | Online | elf ua-wget | NDA0E |
| 2026-02-08 19:29:24 | http://31.59.136.111/check | Online | elf ua-wget | NDA0E |
| 2026-02-08 19:29:24 | http://31.59.136.111/aws | Online | elf ua-wget | NDA0E |
| 2026-02-08 19:29:18 | http://31.59.136.111/dns | Online | elf mirai ua-wget | NDA0E |
| 2026-02-08 19:29:17 | http://31.59.136.111/client | Online | elf ua-wget | NDA0E |
| 2026-02-08 13:59:11 | http://31.59.136.111/get | Online | elf ua-wget | NDA0E |
| 2026-02-08 13:52:11 | http://31.59.136.111/1.sh | Online | sh ua-wget | NDA0E |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2026-02-08 19:32:15 | b75da3eab9ab1ac9829ea84f514683ebb55312bc19347455bfd6a173f21a9b92 | sh | ||
| 2026-02-08 19:32:15 | 576c7ec626df5317c75eccb70885cb14ff73e29e6b85e30a234f7cffebed784b | sh | ||
| 2026-02-08 19:30:29 | ee6deb679815cf992af8322c646fb087c78976c25581a6bd73fb50ee0563036d | elf | Mirai | |
| 2026-02-08 19:30:20 | b8dbd8a3a4716ae7fa22fba13c55066be7e784bd203d9855c4b76b5305f7a8fe | elf | ||
| 2026-02-08 19:29:24 | 52ac53a7d690d1c4f3a53672f1d4f42783c462598badfab6f7f378da6a5ac163 | elf | ||
| 2026-02-08 19:29:24 | b14699f0a73fd0a19912b3d046a230ba278e87d7c2307cdd8bea7c2ac68fa450 | elf | ||
| 2026-02-08 19:29:18 | b99f0bc191398e1a0d92cd7a722bb1f6e9c3d146b6624053ce8d62e3bd123f16 | elf | Mirai | |
| 2026-02-08 19:29:17 | 892e46dbb5754d9977143c5510712396f3ae35cbeeaf36e2a0bf76a5d30c5689 | elf | ||
| 2026-02-08 13:59:11 | a8608f71e175e5ea616b16fe13c2c31318027555e5129e12e3a0a86741be59e2 | elf | ||
| 2026-02-08 13:52:11 | 66b5e739cdf6432034dd0074f4e51b757423d7e97be06198760cd451a3efd7a9 | sh |