URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: 5.59.248.92
Firstseen:2024-09-04 01:30:09 UTC
Total malware sites :28
Online malware sites :0 (0%)
Offline Malware sites :28 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2024-09-04 01:30:11 5.59.248.92it-pom-server.powered-by.c1vhosting.itNot listedAS212271 C1V- ITyes

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2025-01-12 19:56:06http://5.59.248.92/bins/Cinquento.m68kOfflineelf mirai ext opendir DaveLikesMalwre
2025-01-12 19:56:06http://5.59.248.92/bins/Cinquento.sh4Offlineelf mirai ext opendir DaveLikesMalwre
2025-01-12 19:56:06http://5.59.248.92/bins/Cinquento.arm5Offlineelf mirai ext opendir DaveLikesMalwre
2025-01-12 19:55:07http://5.59.248.92/bins/Cinquento.arm6Offlineelf mirai ext opendir DaveLikesMalwre
2025-01-12 19:55:07http://5.59.248.92/bins/Cinquento.armOfflineelf mirai ext opendir DaveLikesMalwre
2025-01-12 19:55:07http://5.59.248.92/bins/Cinquento.x86Offlineelf mirai ext opendir DaveLikesMalwre
2025-01-12 19:54:07http://5.59.248.92/bins/Cinquento.mpslOfflineelf mirai ext opendir DaveLikesMalwre
2025-01-12 19:54:07http://5.59.248.92/yarnOfflinemirai ext opendir sh ua-wget DaveLikesMalwre
2025-01-12 19:54:07http://5.59.248.92/bins/Cinquento.mipsOfflineelf mirai ext opendir DaveLikesMalwre
2025-01-12 19:54:07http://5.59.248.92/bins/Cinquento.spcOfflineelf mirai ext opendir DaveLikesMalwre
2025-01-12 19:54:06http://5.59.248.92/bins/Cinquento.ppcOfflineelf mirai ext opendir DaveLikesMalwre
2025-01-12 19:54:06http://5.59.248.92/Cinquento.shOfflinemirai ext opendir sh ua-wget DaveLikesMalwre
2025-01-12 19:54:06http://5.59.248.92/payOfflinemirai ext opendir sh ua-wget DaveLikesMalwre
2025-01-12 19:54:06http://5.59.248.92/bins/Cinquento.arm7Offlineelf mirai ext opendir DaveLikesMalwre
2025-01-12 19:54:06http://5.59.248.92/binOfflinemirai ext opendir sh ua-wget DaveLikesMalwre
2024-09-05 16:32:06http://5.59.248.92/x86Offline 32-bit elf x86-32 geenensp
2024-09-04 22:43:06http://5.59.248.92/c.mipsOfflinec elf HoneypotV3 mirai ext NDA0E
2024-09-04 22:43:05http://5.59.248.92/c.ppcOfflinec elf HoneypotV3 mirai ext NDA0E
2024-09-04 22:43:05http://5.59.248.92/c.arm6Offlinec elf HoneypotV3 mirai ext NDA0E
2024-09-04 22:42:05http://5.59.248.92/c.spcOfflinec elf HoneypotV3 mirai ext NDA0E
2024-09-04 22:42:05http://5.59.248.92/c.arm5Offlinec elf HoneypotV3 mirai ext NDA0E
2024-09-04 22:42:05http://5.59.248.92/c.m68kOfflinec elf HoneypotV3 mirai ext NDA0E
2024-09-04 22:42:05http://5.59.248.92/c.arm7Offlinec elf HoneypotV3 mirai ext NDA0E
2024-09-04 22:42:05http://5.59.248.92/c.armOfflinec elf HoneypotV3 mirai ext NDA0E
2024-09-04 22:42:05http://5.59.248.92/c.mpslOfflinec elf HoneypotV3 mirai ext NDA0E
2024-09-04 16:56:04http://5.59.248.92/c.x86Offline 32-bit c elf gafgyt ext HoneypotV3 mirai ext x86-32 geenensp
2024-09-04 10:26:05http://5.59.248.92/bins/cutie.i586Offline 32-bit elf x86-32 geenensp
2024-09-04 01:30:11http://5.59.248.92/x0ox0ox0oxDefault/z0r0.x86Offline 32-bit elf x86-32 geenensp

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2025-01-12 19:56:06174fdab071a3759753c98d4f2f554623ca5bfe165e888e7658dfffaff3358901elfMirai
2025-01-12 19:56:06366def995e8c81dd60c8ea538f00788d97080b79d9ca3c663dba728459913503elfMirai
2025-01-12 19:56:06cb2706d62de598be16fd338017cd9996848cbc78f0aee981aa00bb0fd8a1680eelfMirai
2025-01-12 19:55:0700f98e30d0bb1fbed6bce1d83709a1105611755baa8e94a0eac2cf930ac58018elfMirai
2025-01-12 19:55:07f97f81448cd1d1d792a798993c0ad738a1e7daeb0952ba0b33951cce0ec6783belfMirai
2025-01-12 19:55:07fcafdc9a736da58957c22b2c0904ba678a5001a090598dd100bfac591ae4408aelfMirai
2025-01-12 19:54:071b827695fedd23e8418cb6f368abcab51f89dde3e7715730af2f88f10c515e3felfMirai
2025-01-12 19:54:07e89af3e8129665aa440a1ebf26b6cf0815040d5416b468ca75cbfbd20b149f6ashMirai
2025-01-12 19:54:07515cf0523472e7bbe5b422c3511545a3597bb9a9d4c0d4dd4447f2a7501a79d5elfMirai
2025-01-12 19:54:06e89af3e8129665aa440a1ebf26b6cf0815040d5416b468ca75cbfbd20b149f6ashMirai
2025-01-12 19:54:0651e792caaee17582173963ab95b7c5be26151d66938cb8fa3b128e7cb362a75aelfMirai
2025-01-12 19:54:06e89af3e8129665aa440a1ebf26b6cf0815040d5416b468ca75cbfbd20b149f6ashMirai
2025-01-12 19:54:06e89af3e8129665aa440a1ebf26b6cf0815040d5416b468ca75cbfbd20b149f6ashMirai
2025-01-12 19:54:066ed67622b1164dbdb53f767002dfae9a65d68760da1cf25631c4f4c7fa64174aelfMirai
2025-01-12 19:54:06a6cc850dd77bc277c14c2106d2fa4f41822097d9f7fef86327f9ecca5f74c196elfMirai
2024-09-05 16:32:061a7e3bdd4b3387a165069467a1c8bd5c3fb912d7790eeb9403214fb78cb396e1elf  
2024-09-04 22:43:0549793e729a5e01743459de312465789669c0fb3186997c950bd3313d35f940abelfMirai
2024-09-04 22:43:05eb08bbbfda950f2d70ff145f009374326a04b40ec03a4306cac65d681259ca59elfMirai
2024-09-04 22:43:056288acb6cba9348a2b4da51bdc63250f14726f9a63c0eadd9bf364020111f73delfMirai
2024-09-04 22:42:055354dc283ac0fa5135d4a4967536f02048a8a8a1d3eb1c6eb37a869367f04f26elfMirai
2024-09-04 22:42:050d99ecb3c631baac1bd3e8c863bfe0087729d7af9fe005fc6d58712d493a70d4elfMirai
2024-09-04 22:42:0565b126e31c5d791273b6f2f9dc78fdb0fbb93793d64ca4ab5ffafd5c14c61d49elfMirai
2024-09-04 22:42:050aa7304453ec3340cb88c54191f6170b3a1ca1bbc175f1ea70484f114b16923belfMirai
2024-09-04 22:42:05f5f9ac8f0c797fe180a544cef5a468c69305ff60be17d2f89dfe55a0e474feaeelfMirai
2024-09-04 22:42:053bcfc04e63b6d9007ce4c63b9334ce56b333dfc2f54997b311d698fde4a3934aelfMirai
2024-09-04 22:34:28b6de5cf6c8b7f0aa0483d8ca388405c7c966ce67a1e6ac3392453b9ca169bb83elfMirai
2024-09-04 16:56:0484b68cb884062b62c3d89ef8fcf5a74d7e7b8b57cc0e75aed782530ccb8c9148elfGafgyt
2024-09-04 10:26:05529b22f30a04ef4bba97e2c62eeec7bc06cdae4365c2323dfa03bd6be6440426elf  
2024-09-04 01:30:106e43fc983870b849a9e7f0d49ced5ba5097c74f49b2ef5e0d66d2489efff7238elf