URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	91.188.254.21
Firstseen:	2024-12-27 14:36:04 UTC
Total malware sites :	47
Online malware sites :	0 (0%)
Offline Malware sites :	47 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2024-12-27 14:36:06	91.188.254.21		Not listed	AS15440 Baltneta	LT	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2025-01-18 15:58:33	http://91.188.254.21/oops/loki.ppc	Offline	elf	NDA0E
2025-01-18 15:58:33	http://91.188.254.21/oops/loki.mpsl	Offline	elf	NDA0E
2025-01-18 15:58:33	http://91.188.254.21/oops/loki.x86	Offline	elf	NDA0E
2025-01-18 15:58:33	http://91.188.254.21/oops/loki.arm6	Offline	elf	NDA0E
2025-01-18 15:58:33	http://91.188.254.21/oops/loki.arm4	Offline	elf	NDA0E
2025-01-18 15:58:33	http://91.188.254.21/oops/loki.arm5	Offline	elf	NDA0E
2025-01-18 15:58:33	http://91.188.254.21/oops/loki.mips	Offline	elf	NDA0E
2025-01-18 15:58:33	http://91.188.254.21/oops/loki.x86_64	Offline	elf	NDA0E
2025-01-18 15:58:33	http://91.188.254.21/oops/loki.m68k	Offline	elf	NDA0E
2025-01-18 15:58:33	http://91.188.254.21/oops/loki.arm7	Offline	elf	NDA0E
2025-01-18 15:58:33	http://91.188.254.21/oops/loki.spc	Offline	elf	NDA0E
2025-01-08 18:46:04	http://91.188.254.21:8080/oops/Kloki.arm7	Offline	botnet elf LZRD mirai	NDA0E
2025-01-08 18:45:07	http://91.188.254.21:8080/oops/Kloki.arm4	Offline	botnet elf LZRD mirai	NDA0E
2025-01-08 18:44:05	http://91.188.254.21:8080/oops/Kloki.x86	Offline	botnet elf LZRD mirai	NDA0E
2025-01-08 18:44:05	http://91.188.254.21:8080/oops/Kloki.m68k	Offline	botnet elf LZRD mirai	NDA0E
2025-01-08 18:43:05	http://91.188.254.21:8080/oops/Kloki.mips	Offline	botnet elf LZRD mirai	NDA0E
2025-01-08 18:43:05	http://91.188.254.21:8080/oops/Kloki.ppc	Offline	botnet elf LZRD mirai	NDA0E
2025-01-08 18:43:05	http://91.188.254.21:8080/oops/Kloki.arm6	Offline	botnet elf LZRD mirai	NDA0E
2025-01-08 18:43:05	http://91.188.254.21:8080/oops/Kloki.arm5	Offline	botnet elf LZRD	NDA0E
2025-01-08 18:43:05	http://91.188.254.21:8080/oops/Kloki.spc	Offline	botnet elf LZRD mirai	NDA0E
2025-01-08 18:43:05	http://91.188.254.21:8080/oops/Kloki.x86_64	Offline	botnet elf LZRD mirai	NDA0E
2025-01-08 18:43:05	http://91.188.254.21:8080/oops/Kloki.mpsl	Offline	botnet elf LZRD mirai	NDA0E
2025-01-08 18:38:05	http://91.188.254.21/oops/Kloki.ppc	Offline	botnet elf LZRD mirai	NDA0E
2025-01-08 18:38:05	http://91.188.254.21/oops/Kloki.arm6	Offline	botnet elf LZRD mirai	NDA0E
2025-01-08 18:38:05	http://91.188.254.21/oops/Kloki.mips	Offline	botnet elf LZRD mirai	NDA0E
2025-01-08 18:37:05	http://91.188.254.21/oops/Kloki.arm5	Offline	botnet elf LZRD	NDA0E
2025-01-08 18:37:05	http://91.188.254.21/oops/Kloki.spc	Offline	botnet elf LZRD mirai	NDA0E
2025-01-08 18:37:05	http://91.188.254.21/oops/Kloki.mpsl	Offline	botnet elf LZRD mirai	NDA0E
2025-01-08 18:37:05	http://91.188.254.21/oops/Kloki.arm4	Offline	botnet elf LZRD mirai	NDA0E
2025-01-08 18:37:05	http://91.188.254.21/oops/Kloki.x86	Offline	botnet elf LZRD mirai	NDA0E
2025-01-08 18:37:05	http://91.188.254.21/oops/Kloki.x86_64	Offline	botnet elf LZRD mirai	NDA0E
2025-01-08 18:37:05	http://91.188.254.21/oops/Kloki.m68k	Offline	botnet elf LZRD mirai	NDA0E
2025-01-08 18:37:05	http://91.188.254.21/oops/Kloki.arm7	Offline	botnet elf LZRD mirai	NDA0E
2025-01-04 08:20:08	http://91.188.254.21/Kloki.mpsl	Offline	elf mirai	abuse_ch
2025-01-04 08:20:08	http://91.188.254.21/Kloki.arm7	Offline	elf mirai	abuse_ch
2025-01-04 08:20:08	http://91.188.254.21/Kloki.m68k	Offline	elf mirai	abuse_ch
2025-01-04 08:20:08	http://91.188.254.21/Kloki.arm5	Offline	elf mirai	abuse_ch
2025-01-04 08:19:10	http://91.188.254.21/Kloki.x86	Offline	elf mirai	abuse_ch
2025-01-04 08:19:10	http://91.188.254.21/Kloki.mips	Offline	elf mirai	abuse_ch
2025-01-04 08:19:10	http://91.188.254.21/Kloki.arm4	Offline	elf mirai	abuse_ch
2025-01-04 08:19:10	http://91.188.254.21/Kloki.ppc	Offline	elf mirai	abuse_ch
2025-01-04 08:19:10	http://91.188.254.21/Kloki.x86_64	Offline	elf mirai	abuse_ch
2025-01-04 08:19:10	http://91.188.254.21/Kloki.arm6	Offline	elf mirai	abuse_ch
2025-01-04 08:19:10	http://91.188.254.21/Kloki.spc	Offline	elf mirai	abuse_ch
2025-01-04 04:01:06	http://91.188.254.21/wget.sh	Offline	gafgyt mirai	cesnet_certs
2024-12-27 15:06:04	http://91.188.254.21/mpsl	Offline	elf mirai	Gandylyan1
2024-12-27 14:36:06	http://91.188.254.21/mips	Offline	32-bit elf mirai	threatquery

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2025-01-08 18:46:04	76f480bb5d3b4321c07669e00e4d64dbefaa08cb5be971eb42c35add03deabc7	elf	Mirai
2025-01-08 18:45:07	84a616beb7ec6f1461fd1228ba8f629dc2b9c1d45e9cb26395e9ca7338dfc871	elf	Mirai
2025-01-08 18:44:05	76f4346fd91acdf7b9c37ba5738afb215fcc793c02ef46df8a22355fedb91e01	elf	Mirai
2025-01-08 18:44:05	98eb4c8c5edf1ea00cbf075b2845b28f8746c93844a03e01f6ba5d9255f932ff	elf	Mirai
2025-01-08 18:43:05	bebb0ff043cb40ec2fc9f1e6c01bfa53aa8e063c4271986497abb2646708d837	elf	Mirai
2025-01-08 18:43:05	192dc6e6726aaa9cce13eaaf812b070d7aa9b4824c2b1dee17e680e3d75284f7	elf	Mirai
2025-01-08 18:43:05	03d0cc1607db3d49d7658c9f00e097a2f03b5d3ba682f0454777acc7f5e189d1	elf	Mirai
2025-01-08 18:43:05	8d6e4a2a63413d902527fcf5e8fe5224af17fa0b73621936fb21c8e8fc5f47df	elf
2025-01-08 18:43:05	954b58091fd10e8b40909cf411f1e203fed9f7fce39764facf29c2beb44add30	elf	Mirai
2025-01-08 18:43:05	dfa0c95348765c1b6347a5cd007cfe59e7208b3787bf779e6ea2e47d407f6fe9	elf	Mirai
2025-01-08 18:43:05	9ed7c3f041272b98d202b68cecb44e5926947df78d49f844cc40c561cb03f734	elf	Mirai
2025-01-08 18:38:05	954b58091fd10e8b40909cf411f1e203fed9f7fce39764facf29c2beb44add30	elf	Mirai
2025-01-08 18:38:05	dfa0c95348765c1b6347a5cd007cfe59e7208b3787bf779e6ea2e47d407f6fe9	elf	Mirai
2025-01-08 18:38:05	9ed7c3f041272b98d202b68cecb44e5926947df78d49f844cc40c561cb03f734	elf	Mirai
2025-01-08 18:37:05	76f480bb5d3b4321c07669e00e4d64dbefaa08cb5be971eb42c35add03deabc7	elf	Mirai
2025-01-08 18:37:05	8d6e4a2a63413d902527fcf5e8fe5224af17fa0b73621936fb21c8e8fc5f47df	elf
2025-01-08 18:37:05	03d0cc1607db3d49d7658c9f00e097a2f03b5d3ba682f0454777acc7f5e189d1	elf	Mirai
2025-01-08 18:37:05	bebb0ff043cb40ec2fc9f1e6c01bfa53aa8e063c4271986497abb2646708d837	elf	Mirai
2025-01-08 18:37:05	84a616beb7ec6f1461fd1228ba8f629dc2b9c1d45e9cb26395e9ca7338dfc871	elf	Mirai
2025-01-08 18:37:05	76f4346fd91acdf7b9c37ba5738afb215fcc793c02ef46df8a22355fedb91e01	elf	Mirai
2025-01-08 18:37:05	192dc6e6726aaa9cce13eaaf812b070d7aa9b4824c2b1dee17e680e3d75284f7	elf	Mirai
2025-01-08 18:37:05	98eb4c8c5edf1ea00cbf075b2845b28f8746c93844a03e01f6ba5d9255f932ff	elf	Mirai
2025-01-08 03:57:27	e8423ae37bbde2bed7aea0527d6b1b962f1cb4eeeb3651693b59bb881b874a52	sh
2025-01-07 21:20:47	d480095c03673777a804039119b9d90fac1e62e45ade839be9f490f124424d44	sh
2025-01-07 18:29:48	5f73aee2d6b292aa93d9a743e4e2a46202b360c8ef74bbd29424d326516d1249	sh	Gafgyt
2025-01-04 08:20:08	e5a11ff5b01497755c01ae790c9758376b8abc6ef805ae142a326089728d5df9	elf	Mirai
2025-01-04 08:20:08	eb3e694a5a22497585690a3c97acfdf0d6788968538cd0a05dc30fe3599aa79b	elf	Mirai
2025-01-04 08:20:08	6e15ca0d44f9755e25d43b727e0f955dc8fc8047db4d0fc8c180a7f1f75a7adb	elf	Mirai
2025-01-04 08:20:08	af697660b27a6a01c5e5c1be4cdfd946a8dd6595d221acc7e5a07cbf68376c50	elf	Mirai
2025-01-04 08:19:09	a0a114e9f90a3b28dfb45c574e0dbfee7ecc2eee8802550088c635aff6f5ee98	elf	Mirai
2025-01-04 08:19:09	4807c962e66f0142d8cec0d2253e5324ddf69f76c3674466ac5ca172ed03174f	elf	Mirai
2025-01-04 08:19:09	b1e9744ae47146393b87783e6d9d560d4396fe50b56961903d4706697d115164	elf	Mirai
2025-01-04 08:19:09	0fcf14ca363a57d61610bfc67af3ddbb87f1635e6d456becb340e4428ca60df2	elf	Mirai
2025-01-04 08:19:09	e9f6e4ca27e0b00e3abb8d2064c14e919b2ca017ebd4f8f014863bbe824bd6eb	elf	Mirai
2025-01-04 08:19:09	37e1cf2f265d16edcfec29c618de091d35b61233e8d2eb8a9baa42ae3c08c45e	elf	Mirai
2025-01-04 08:19:09	8a1ff3a98c8c7685707bbbe14e3c21f4236687a069984c1d44ea47d40ba8f18f	elf	Mirai
2025-01-04 04:01:06	c71b8d66ac2f86177e48df856681cfb53528f1613ca1dae67593a705d7e0ad19	sh	Mirai
2025-01-03 22:44:38	a2ebf0a7abbe158e061619ba17170119925b8fd420b0c0ff76cb30c3cd5bb6fc	elf	Mirai
2025-01-03 19:19:53	b5340d2f2711b0df392187b8f40cd80a464c5cc6df8b6ff79fd9c212234a3227	elf	Mirai
2024-12-27 20:02:00	2e9958508e56357ca8d0e43bf843a93df3c315d229cb1c4d82261876c90e7afa	elf	Mirai
2024-12-27 17:44:05	2484754793dfc38e0f5508d6b01b78b0fcaaecbb93be0ee17a9c6604a5dfbaa5	elf	Mirai
2024-12-27 15:06:04	6f50c1f79ac90b77d71393dbefb44d384bf8a5d377046a0294f6dc7130377de7	elf	Mirai
2024-12-27 14:36:05	b14568287fc9faa8ab1ddb505a826062307f78fd14a2e3cbe73628a52c10ae9c	elf	Mirai