URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-11-30 01:59:04	91.92.241.59		SBL686267	AS214943 RAILNET	NL	yes

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2025-11-30 02:02:05	http://91.92.241.59/wget.sh	Offline	geofenced sh ua-wget USA	botnetkiller
2025-11-30 02:00:38	http://91.92.241.59/bizy.mpsls	Online	elf geofenced ua-wget USA	botnetkiller
2025-11-30 02:00:34	http://91.92.241.59/bizy.mipss	Online	elf geofenced ua-wget USA	botnetkiller
2025-11-30 02:00:23	http://91.92.241.59/bizy.mips64	Online	elf geofenced ua-wget USA	botnetkiller
2025-11-30 02:00:20	http://91.92.241.59/odin.arm	Online	elf geofenced mirai ua-wget USA	botnetkiller
2025-11-30 02:00:20	http://91.92.241.59/bizy.riscv	Online	elf geofenced ua-wget USA	botnetkiller
2025-11-30 02:00:19	http://91.92.241.59/bizy.mpsl64	Online	elf geofenced ua-wget USA	botnetkiller
2025-11-30 02:00:19	http://91.92.241.59/bizy.x86	Online	elf geofenced ua-wget USA	botnetkiller
2025-11-30 02:00:19	http://91.92.241.59/bizy.arm5	Online	elf geofenced ua-wget USA	botnetkiller
2025-11-30 02:00:19	http://91.92.241.59/bizy.x64	Online	elf geofenced ua-wget USA	botnetkiller
2025-11-30 02:00:19	http://91.92.241.59/bizy.arm7	Online	elf geofenced ua-wget USA	botnetkiller
2025-11-30 02:00:19	http://91.92.241.59/bizy.arm6	Online	elf geofenced ua-wget USA	botnetkiller
2025-11-30 02:00:18	http://91.92.241.59/bizy.arm8	Online	elf geofenced ua-wget USA	botnetkiller
2025-11-30 02:00:18	http://91.92.241.59/bizy.mips	Online	elf geofenced ua-wget USA	botnetkiller
2025-11-30 02:00:18	http://91.92.241.59/bizy.mpsl	Online	elf geofenced ua-wget USA	botnetkiller
2025-11-30 02:00:18	http://91.92.241.59/odin.mips	Online	elf geofenced mirai ua-wget USA	botnetkiller
2025-11-30 02:00:17	http://91.92.241.59/odin.x86	Online	elf geofenced mirai ua-wget USA	botnetkiller
2025-11-30 02:00:17	http://91.92.241.59/odin.arm5n	Online	elf geofenced mirai ua-wget USA	botnetkiller
2025-11-30 02:00:17	http://91.92.241.59/odin.arm6	Online	elf geofenced mirai ua-wget USA	botnetkiller
2025-11-30 02:00:17	http://91.92.241.59/odin.x64	Online	elf geofenced mirai ua-wget USA	botnetkiller
2025-11-30 02:00:17	http://91.92.241.59/odin.m68k	Online	elf geofenced mirai ua-wget USA	botnetkiller
2025-11-30 02:00:17	http://91.92.241.59/odin.sh4	Online	elf geofenced mirai ua-wget USA	botnetkiller
2025-11-30 02:00:17	http://91.92.241.59/odin.ppc	Online	elf geofenced mirai ua-wget USA	botnetkiller
2025-11-30 02:00:17	http://91.92.241.59/odin.arm7	Online	elf geofenced mirai ua-wget USA	botnetkiller
2025-11-30 02:00:17	http://91.92.241.59/odin.mpsl	Online	elf geofenced mirai ua-wget USA	botnetkiller
2025-11-30 02:00:16	http://91.92.241.59/odin.spc	Online	elf geofenced mirai ua-wget USA	botnetkiller
2025-11-30 02:00:16	http://91.92.241.59/odin.arm5	Online	elf geofenced mirai ua-wget USA	botnetkiller
2025-11-30 01:59:04	http://91.92.241.59/curl.sh	Offline	geofenced sh ua-wget USA	botnetkiller

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2025-11-30 02:00:38	d5084342fb3caaad185e65e1665b69f5f4436caf22e9a7bce275479827e7f9c0	elf
2025-11-30 02:00:34	8773f1853d7a837ff6bc07f5839a668166f2311e0cf6e507086cc403471948b8	elf
2025-11-30 02:00:23	fbdcf7a6a53daba22ec7bc70482fdb81e9597d8ae0cde9031b197f9f49fd44dd	elf
2025-11-30 02:00:20	0768380847fec204052caea7d521b23d739ee8fedbc23831bf2549bae3fb03de	elf		Mirai
2025-11-30 02:00:20	96016d9533b9c4ac61d86048f73ad47e815d689c7955703dcea5abcb4553ccf1	elf
2025-11-30 02:00:19	f122cfe19922d2a8e9c80d11acb04ed68b1dc30ab72d20fa99eca87bbb9ff979	elf
2025-11-30 02:00:19	da3e18e3ef495fb7983a2357550d64833b22ab3c4d93d17ac62b7a5d76adee86	elf
2025-11-30 02:00:19	7469dee5a6679cd1b1293c38a1ed1c7800381936df68c87739786541f607ba60	elf
2025-11-30 02:00:19	1d71d8dd402e9cff4e742db2b32ad9e29925f19624f5168cb2419301e74b1b9b	elf
2025-11-30 02:00:18	3d6f8bc6d911441bac88de85f9b6270b36fa6e4206f11b5f8bf39ca03bb8a264	elf
2025-11-30 02:00:18	34ec04f0ab17549a20bd7fb257497059e087cd64be342b483a72a2ca64ddd20c	elf
2025-11-30 02:00:18	4dfc23150298b0236500ebaa09bffa740238c3db5597e43c77244e30195f25db	elf
2025-11-30 02:00:18	16ebf82f00bc0105348c208b7a2b2fcf9eb775e7adc23bf2744c001bf9b15fc1	elf
2025-11-30 02:00:18	766a44d44822cfbb7f163219868b8f08f6654acd3a386a7d7fc52ecd9924fef7	elf
2025-11-30 02:00:17	5a7827d9681297873e4fbc739522260acd2734824add84af2744248acf661a60	elf		Mirai
2025-11-30 02:00:17	893cd4107f8be6a0f86d1dbf376352a029700c64b41a6cb69b47e4289d11bca1	elf		Mirai
2025-11-30 02:00:17	d89b9aa7f0ac337077c5614d1d8321d1a0dff5280560bde0a8339c0dba0abd5d	elf		Mirai
2025-11-30 02:00:17	c3d826404b0e9fbc0382b9b1a871acf72cda3f2f81b5306cd3b9f8741d9d4c27	elf		Mirai
2025-11-30 02:00:17	42c98a7aaed9dfdb48a02009c3ef41c71bf0e6c3a8d5d3b9bab1bae6d8799d96	elf		Mirai
2025-11-30 02:00:17	49bdea75a582c656e0b7c07fcafbd9d3ce01bae6c7802cc87cb2b9419c89640c	elf		Mirai
2025-11-30 02:00:17	38f94df99e0a5ef8257dc20350f75bd3f5b9452388acf68bd16c90fa28adc3ad	elf		Mirai
2025-11-30 02:00:17	bec77d584ebd3438d6cc13880e26ed059392e0633937e0de6409620caf683cfd	elf		Mirai
2025-11-30 02:00:17	28d1f0ec378ee8de8fb6a2c4b7513d01b551990bd072f62cd381c38bb5d0a5b1	elf		Mirai
2025-11-30 02:00:17	e439140f9ab57169b1821f08acbf095ce275c3d4e3107b4d52da9179c3e17661	elf		Mirai
2025-11-30 02:00:16	23699b08a3a0ec5228028064a2ee8efc12e9f90102a07b858116df90241624a1	elf		Mirai
2025-11-30 02:00:16	3ccec93311c41cc3a813b5762e249706c4cc3fd2c04894585300e05221268a01	elf		Mirai