URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	5-253-86-21.cprapid.com
Domain registrar:	Tucows
Domain registration date:	2019-05-16 21:16:20 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2025-10-13 18:55:19 UTC
Total malware sites :	16
Online malware sites :	0 (0%)
Offline Malware sites :	16 (100%)
A record(s) observed :	1

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-10-13 18:55:31	5.253.86.21		Not listed	AS213438 colocatel-inc	US	yes

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2025-10-21 17:06:12	http://5-253-86-21.cprapid.com/bot.i686	Offline	botnetdomain elf mirai	BlinkzSec
2025-10-21 17:06:12	http://5-253-86-21.cprapid.com/curl.sh	Offline	botnetdomain sh	BlinkzSec
2025-10-21 17:06:12	http://5-253-86-21.cprapid.com/ftpget.sh	Offline	botnetdomain sh	BlinkzSec
2025-10-21 17:06:11	http://5-253-86-21.cprapid.com/bot.mips	Offline	botnetdomain elf mirai	BlinkzSec
2025-10-21 16:50:17	http://5-253-86-21.cprapid.com/bot.mipsel	Offline	botnetdomain elf mirai	BlinkzSec
2025-10-21 16:50:17	http://5-253-86-21.cprapid.com/arm5	Offline	botnetdomain elf mirai	BlinkzSec
2025-10-21 16:50:17	http://5-253-86-21.cprapid.com/bot.armv7l	Offline	botnetdomain elf mirai	BlinkzSec
2025-10-21 16:50:17	http://5-253-86-21.cprapid.com/bot.i586	Offline	botnetdomain elf mirai	BlinkzSec
2025-10-21 16:50:12	http://5-253-86-21.cprapid.com/bot.armv4l	Offline	botnetdomain elf mirai	BlinkzSec
2025-10-13 19:02:12	http://5-253-86-21.cprapid.com/T	Offline	botnetdomain elf gafgyt	BlinkzSec
2025-10-13 18:59:29	http://5-253-86-21.cprapid.com/bins/XDzdfxzf	Offline	botnetdomain elf gafgyt	BlinkzSec
2025-10-13 18:56:52	http://5-253-86-21.cprapid.com/update.sh	Offline	botnetdomain mirai sh	BlinkzSec
2025-10-13 18:55:43	http://5-253-86-21.cprapid.com/XDzdfxzf	Offline	botnetdomain elf gafgyt	BlinkzSec
2025-10-13 18:55:43	http://5-253-86-21.cprapid.com/a.out	Offline	botnetdomain elf gafgyt	BlinkzSec
2025-10-13 18:55:37	http://5-253-86-21.cprapid.com/lol	Offline	botnetdomain elf gafgyt	BlinkzSec
2025-10-13 18:55:31	http://5-253-86-21.cprapid.com/bins.sh	Offline	botnetdomain gafgyt mirai sh	BlinkzSec

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2025-10-21 17:06:12	3e7604bb6c92991a3f49ae46e4e76f4a67c5711c11becad6f5e0cc2441965fec	txt
2025-10-21 17:06:12	8781e8ac38ff72fe2168e3b62b75db47ff3bbb90da29ce18fc4732dd261ce7f1	txt
2025-10-21 17:06:12	533000a78d42bee90839ed417fb216bf9dbb6afdbb5e285efe3bda5a24d8e0a5	elf		Mirai
2025-10-21 17:06:11	b399eaf6238be55d5967d150d8ddce452ca38d9d283b5ed0a4693fecd86a8819	elf		Mirai
2025-10-21 16:50:17	c4381c1d7a61c78e12a7b903d1f5ab531c7605a814022e90f3020d0a3c3d8a15	elf		Mirai
2025-10-21 16:50:17	eaf3447663d95584650861c8c2afa0cceff6df64e0215b27ebbfa777a0c65ec7	elf		Mirai
2025-10-21 16:50:17	089c0265fe505a1bcb043536edea7517211632f208467fa52491697f36b02c0e	elf		Mirai
2025-10-21 16:50:17	e827115ddaece0476a81cd528961283e570eaa9339fb58b483c02630889064a0	elf		Mirai
2025-10-21 16:50:12	34c7bfb6808bb3b027bb6c7551cfc92e02f1748d314fe65883a01c6738c8aaea	elf		Mirai
2025-10-18 11:13:54	fc715a7ebcb71d9020169f9bd23d12f3dfeb0aa311785cb93d5725f1b2bfe5b8	sh		Mirai
2025-10-13 19:02:12	dcb9ffa705448d13eb89e12d853615e8d21c429a91a60d7bd80add94d8c4bce4	elf		Gafgyt
2025-10-13 18:59:29	1b37a8704c9441ad299d064a8e910ac528deb4efe1c6fb5c4478279f31828e63	elf		Gafgyt
2025-10-13 18:56:51	725e6681c2ee8b785825687ecf79a3ced0bf2e9ccf283ca7f5b4efa0bb45ef0a	sh		Mirai
2025-10-13 18:55:43	183cc6fc1130e68338d3673193df2d7f591d22143f5fd72875c37843553d5e1a	elf		Gafgyt
2025-10-13 18:55:43	1b37a8704c9441ad299d064a8e910ac528deb4efe1c6fb5c4478279f31828e63	elf		Gafgyt
2025-10-13 18:55:37	210b2a799c3a67f16ce82924b0d71fee35c26402130839cf6dd3aeb3c9a859d7	elf		Gafgyt
2025-10-13 18:55:31	fc762805251333e8c824f3ed52e0171d2e24f06fe527fc43f3c2eb6dad20f15e	sh		Gafgyt