URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: 84.200.81.239
Firstseen:2025-08-21 15:01:06 UTC
Total malware sites :34
Online malware sites :0 (0%)
Offline Malware sites :34 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2025-08-21 15:01:18 84.200.81.239Not listedAS214036 ULTAHOST-AS- DEyes

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2025-09-28 13:42:06http://84.200.81.239/hiddenbin/stardust.shOfflinegeofenced mirai ext opendir sh ua-wget USA botnetkiller
2025-08-27 17:15:13http://84.200.81.239/bins/well.arcOfflinemirai ext opendir DaveLikesMalwre
2025-08-27 17:15:10http://84.200.81.239/bins/well.mpslOfflinemirai ext opendir DaveLikesMalwre
2025-08-27 17:15:05http://84.200.81.239/bins/well.armOfflinemirai ext opendir DaveLikesMalwre
2025-08-27 17:14:25http://84.200.81.239/bins/well.x86Offlinemirai ext opendir DaveLikesMalwre
2025-08-27 17:14:25http://84.200.81.239/bins/well.m68kOfflinemirai ext opendir DaveLikesMalwre
2025-08-27 17:14:24http://84.200.81.239/bins/well.arm6Offlinemirai ext opendir DaveLikesMalwre
2025-08-27 17:14:20http://84.200.81.239/bins/well.mipsOfflinemirai ext opendir DaveLikesMalwre
2025-08-27 17:14:18http://84.200.81.239/bins/well.arm7Offlinemirai ext opendir DaveLikesMalwre
2025-08-27 17:14:14http://84.200.81.239/bins/well.sh4Offlinemirai ext opendir DaveLikesMalwre
2025-08-27 17:14:14http://84.200.81.239/bins/well.ppcOfflinemirai ext opendir DaveLikesMalwre
2025-08-27 17:14:08http://84.200.81.239/bins/well.arm5Offlinemirai ext opendir DaveLikesMalwre
2025-08-26 14:55:25http://84.200.81.239/bins/sora.mipsOfflineelf mirai ext ua-wget ClearlyNotB
2025-08-26 14:53:25http://84.200.81.239/bins/sora.arm5Offlineelf mirai ext ua-wget ClearlyNotB
2025-08-26 14:53:24http://84.200.81.239/bins/sora.arm6Offlineelf mirai ext ua-wget ClearlyNotB
2025-08-26 14:53:23http://84.200.81.239/bins/sora.mpslOfflineelf mirai ext ua-wget ClearlyNotB
2025-08-26 14:53:23http://84.200.81.239/bins/sora.x86Offlineelf mirai ext ua-wget ClearlyNotB
2025-08-26 14:53:20http://84.200.81.239/bins/sora.arm7Offlineelf mirai ext ua-wget ClearlyNotB
2025-08-26 14:53:20http://84.200.81.239/bins/sora.spcOfflineelf mirai ext ua-wget ClearlyNotB
2025-08-26 14:53:20http://84.200.81.239/bins/sora.m68kOfflineelf mirai ext ua-wget ClearlyNotB
2025-08-26 14:53:20http://84.200.81.239/bins/sora.armOfflineelf mirai ext ua-wget ClearlyNotB
2025-08-26 14:53:20http://84.200.81.239/bins/sora.ppcOfflineelf mirai ext ua-wget ClearlyNotB
2025-08-26 14:53:20http://84.200.81.239/bins/sora.sh4Offlineelf mirai ext ua-wget ClearlyNotB
2025-08-21 16:18:16http://84.200.81.239/hiddenbin/boatnet.arcOfflineelf mirai ext ua-wget BlinkzSec
2025-08-21 16:18:16http://84.200.81.239/hiddenbin/boatnet.x86Offlineelf mirai ext ua-wget BlinkzSec
2025-08-21 16:18:16http://84.200.81.239/hiddenbin/boatnet.mipsOfflineelf mirai ext ua-wget BlinkzSec
2025-08-21 16:18:16http://84.200.81.239/hiddenbin/boatnet.arm6Offlineelf mirai ext ua-wget BlinkzSec
2025-08-21 16:17:28http://84.200.81.239/hiddenbin/boatnet.sh4Offlineelf mirai ext ua-wget BlinkzSec
2025-08-21 16:17:24http://84.200.81.239/hiddenbin/boatnet.arm5Offlineelf mirai ext ua-wget BlinkzSec
2025-08-21 16:17:19http://84.200.81.239/hiddenbin/boatnet.ppcOfflineelf mirai ext ua-wget BlinkzSec
2025-08-21 16:17:19http://84.200.81.239/hiddenbin/boatnet.m68kOfflineelf mirai ext ua-wget BlinkzSec
2025-08-21 15:01:21http://84.200.81.239/hiddenbin/boatnet.mpslOffline32-bit elf mirai ext Mozi ext threatquery
2025-08-21 15:01:18http://84.200.81.239/hiddenbin/boatnet.arm7Offline32-bit elf mirai ext Mozi ext threatquery
2025-08-21 15:01:18http://84.200.81.239/hiddenbin/boatnet.armOffline32-bit elf mirai ext Mozi ext threatquery

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2025-09-29 06:56:24fd75abace2cad5777ba55bd9e1acb817e06046e48eee47e38bba3f8125d2a119shMirai
2025-08-27 17:15:12e4f442cde97b712c91b0925053ee2fa8680fb15f33d2603fe653dff07ea8142celfMirai
2025-08-27 17:15:10c25b5747b20111772d6e2b261ca50aade4eaf0bfeb494b973ab4ef3887f90924elfMirai
2025-08-27 17:15:050ee5e3aad8658d78d8fb28bbd2f97077e03876215f96c0050907992dc08dce94elfMirai
2025-08-27 17:14:252ca4078493df1c862135eb8cd61dc7276accdf138131f5ab9afde0113cc7c8f4elfMirai
2025-08-27 17:14:241d121e56615b7c4bebfe42d6b611aa74cb7ec5425ff3a19a6ca027a64001fa7eelfMirai
2025-08-27 17:14:23822f11971d3a36df31fd58fd461f3b94bcd4a61cdc6707a122822aa548019e24elfMirai
2025-08-27 17:14:195ada71d83e1537052d85ce47384304c7c63deed7fc56d6ff9940a01e42e599fdelfMirai
2025-08-27 17:14:17350feaa9b980826f6162da5bbe3ac4776b228db7fb752399b40c5963e0076206elfMirai
2025-08-27 17:14:1410df204f9fd9b3ea9bd3780c107e0786c5dd7994dec3e7fa1f1e1cd2a65b05fcelfMirai
2025-08-27 17:14:14c7d4743dd085199146a49f3192242186635e126bf2837c4521639b4d74884f2aelfMirai
2025-08-27 17:14:08148c65f21f869a6c35af3650fb1e9edfe1a131902aeeff63ef460cb692267778elfMirai
2025-08-26 14:55:251e38452dfb8260eb0f2df7628cd09fddb63ca200aee9ff1032516ad85cec41b1elfMirai
2025-08-26 14:53:25b7ae9853f640559b5461db7f3f703110d5d5841a0ebcad27265c69f0c3b86455elfMirai
2025-08-26 14:53:24d9733977fe7de78e270e92cd7bc9e2594e4ffe243a78f8ac8d001709fc306084elfMirai
2025-08-26 14:53:23ecca99a67bc0a06ddb22b1fe7eb69ccdf5546efb42fa343c6b1c9eaf32ec1664elfMirai
2025-08-26 14:53:23b122f38ec8c38badec17aa6d2dc374f53122b2ddf70babd4234f660ed19148a5elfMirai
2025-08-26 14:53:207bb486834cc6f26f057d42eeca159b53e8d478c92bcd105b963b487a9763506belfMirai
2025-08-26 14:53:20c36aba61e3bffa5d1f5c8d5b8cafc067c9ba749a6f6ba1a9e6f39a2ae9bd261celfMirai
2025-08-26 14:53:20273a068cd7e118583a4bc603942d74c484c8fa3603e60e9ed1e92240ce19ef50elfMirai
2025-08-26 14:53:200782a516c4f11eddb11492ac097cd56d33eebe9368eb451cc75e6c251605bff4elfMirai
2025-08-26 14:53:200e10383dd73f7a9fd14c155b2d1f1b3b1c3926bbe083fc67be13bfe258fbf710elfMirai
2025-08-26 14:53:20743d1545dd04d5e1e6200d501aeffa48be048776ab54efc9ff256fab5f7ec352elfMirai
2025-08-21 16:18:164174b7824d92ad45b712325753f3f13e534c0ef360d2a808953015fd3097dadbelfMirai
2025-08-21 16:18:166f34d950713aa2c1778f926087ff29701239f0c719690be1bbd55518339c5f40elfMirai
2025-08-21 16:18:16410a2d2d672605091d5cb2aa43330e61f4cd0b449a14aac017a6901109828f20elfMirai
2025-08-21 16:18:16554d3ff81972a1e87541b7d8c966a053ece9f46ed04cac6eacf6e64a8eb3fc29elfMirai
2025-08-21 16:17:28b52b68e2fab8007dd26f23cf5be531a3906773754a6cabf8f77b6c45af6d3781elfMirai
2025-08-21 16:17:246089aec4a7ef7cd09a3b91b029a6972ba98415e8e8d4360e120e7bca767aeec7elfMirai
2025-08-21 16:17:19dfb8960cafc58c29b0d684012202148d36bec647da751ecc43b8264bc68db17felfMirai
2025-08-21 16:17:19a0de679e97651423e69a915036008eb85e9bae85652b0691a636b9087cd51c67elfMirai
2025-08-21 15:01:1885fe0ffbfc94d643a279304b4f512277470ce568294a4ef3f6d9df855e71ab32elfMirai
2025-08-21 15:01:1872dd63380754b95f1a008d860924d6ae1e4c7986f7e6475a9c26ea187e2281d0elfMirai
2025-08-21 15:01:1833c95147f46bb4f61d5c1bc74085d98917888e2213d5ac4641ce9c00ba360c10elfMirai