URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	5.59.106.115
Firstseen:	2024-11-05 16:20:05 UTC
Total malware sites :	14
Online malware sites :	2 (14%)
Offline Malware sites :	12 (86%)
Newest active malware site :	2026-02-17 12:30:15 UTC
Oldest active malware site :	2026-02-12 22:18:11 UTC (Age: 15 days, 16 hours, 9 minutes)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2024-11-05 16:20:11	5.59.106.115		Not listed	AS56400 ASSPDChernega	UA	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2026-02-17 12:30:15	http://5.59.106.115:37834/bin.sh	Online	32-bit elf mips Mozi	geenensp
2026-02-12 22:18:11	http://5.59.106.115:37834/i	Online	32-bit elf mips Mozi	geenensp
2026-01-18 14:00:18	http://5.59.106.115:49220/bin.sh	Offline	32-bit elf mips Mozi	geenensp
2026-01-16 15:04:16	http://5.59.106.115:49220/i	Offline	32-bit elf Mozi	threatquery
2026-01-05 09:01:16	http://5.59.106.115:42701/i	Offline	32-bit elf Mozi	threatquery
2025-12-26 23:54:21	http://5.59.106.115:52645/bin.sh	Offline	32-bit elf mips Mozi	geenensp
2025-12-23 09:27:11	http://5.59.106.115:52645/i	Offline	32-bit elf mips Mozi	geenensp
2024-12-01 05:47:08	http://5.59.106.115:41048/i	Offline	32-bit elf mips Mozi	geenensp
2024-12-01 05:16:05	http://5.59.106.115:41048/bin.sh	Offline	32-bit elf mips Mozi	geenensp
2024-11-10 01:17:05	http://5.59.106.115:42371/i	Offline	32-bit elf mips Mozi	geenensp
2024-11-10 00:47:05	http://5.59.106.115:42371/bin.sh	Offline	32-bit elf mips Mozi	geenensp
2024-11-06 13:52:05	http://5.59.106.115:46848/i	Offline	32-bit elf mips Mozi	geenensp
2024-11-06 13:38:04	http://5.59.106.115:46848/bin.sh	Offline	32-bit elf mips Mozi	geenensp
2024-11-05 16:20:11	http://5.59.106.115:46848/Mozi.m	Offline	elf Mozi	lrz_urlhaus

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type
2026-02-17 12:30:15	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2026-02-12 22:18:11	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2026-01-18 14:00:18	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2026-01-16 15:04:16	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2026-01-05 09:01:16	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2025-12-26 23:54:21	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2025-12-23 09:27:11	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2024-12-01 05:47:08	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2024-12-01 05:16:05	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2024-11-10 01:17:05	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2024-11-10 00:47:05	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2024-11-06 13:52:05	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2024-11-06 13:38:04	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2024-11-05 16:20:07	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf