URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: followflow.zip
Domain registrar:Tucows -
Domain registration date:2023-10-19 06:54:41 UTC
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Blocked
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Control D HaGeZi :Not blocked
Firstseen:2024-08-23 18:44:04 UTC
Total malware sites :43
Online malware sites :0 (0%)
Offline Malware sites :43 (100%)
A record(s) observed :2

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2024-10-23 03:27:54 52.223.13.41a74e89cf4458da039.awsglobalaccelerator.comNot listedAS16509 AMAZON-02- USno
2024-08-23 18:44:04 91.92.241.244SBL686267AS214943 RAILNET- NLno

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2024-08-23 18:44:09http://followflow.zip/hmipsOfflinebotnetdomain elf NDA0E
2024-08-23 18:44:09http://followflow.zip/x86_64Offlinebotnetdomain elf NDA0E
2024-08-23 18:44:09http://followflow.zip/mipsOfflinebotnetdomain elf NDA0E
2024-08-23 18:44:09http://followflow.zip/debugOfflinebotnetdomain elf NDA0E
2024-08-23 18:44:09http://followflow.zip/arm7Offlinebotnetdomain elf mirai ext NDA0E
2024-08-23 18:44:07http://followflow.zip/mpslOfflinebotnetdomain elf NDA0E
2024-08-23 18:44:07http://followflow.zip/arm5Offlinebotnetdomain elf NDA0E
2024-08-23 18:44:07http://followflow.zip/armOfflinebotnetdomain elf NDA0E
2024-08-23 18:44:07http://followflow.zip/arm6Offlinebotnetdomain elf NDA0E
2024-08-23 18:44:07http://followflow.zip/arm4Offlinebotnetdomain elf NDA0E
2024-08-23 18:44:07http://followflow.zip/gmpslOfflinebotnetdomain elf NDA0E
2024-08-23 18:44:06http://followflow.zip/linksysOfflinebotnetdomain mirai ext sh NDA0E
2024-08-23 18:44:06http://followflow.zip/liOfflinebotnetdomain mirai ext sh NDA0E
2024-08-23 18:44:06http://followflow.zip/wget.shOfflinebotnetdomain mirai ext sh NDA0E
2024-08-23 18:44:05http://followflow.zip/lllOfflinebotnetdomain mirai ext sh NDA0E
2024-08-23 18:44:05http://followflow.zip/w.shOfflinebotnetdomain mirai ext sh NDA0E
2024-08-23 18:44:05http://followflow.zip/adbOfflinebotnetdomain mirai ext sh NDA0E
2024-08-23 18:44:05http://followflow.zip/totoOfflinebotnetdomain mirai ext sh NDA0E
2024-08-23 18:44:05http://followflow.zip/xaxaOfflinebotnetdomain mirai ext sh NDA0E
2024-08-23 18:44:05http://followflow.zip/sdtOfflinebotnetdomain mirai ext sh NDA0E
2024-08-23 18:44:05http://followflow.zip/multiOfflinebotnetdomain mirai ext sh NDA0E
2024-08-23 18:44:05http://followflow.zip/magOfflinebotnetdomain mirai ext sh NDA0E
2024-08-23 18:44:05http://followflow.zip/asdOfflinebotnetdomain mirai ext sh NDA0E
2024-08-23 18:44:05http://followflow.zip/k.shOfflinebotnetdomain mirai ext sh NDA0E
2024-08-23 18:44:05http://followflow.zip/aaaOfflinebotnetdomain mirai ext sh NDA0E
2024-08-23 18:44:05http://followflow.zip/f5Offlinebotnetdomain mirai ext sh NDA0E
2024-08-23 18:44:05http://followflow.zip/gOfflinebotnetdomain mirai ext sh NDA0E
2024-08-23 18:44:05http://followflow.zip/c.shOfflinebotnetdomain mirai ext sh NDA0E
2024-08-23 18:44:05http://followflow.zip/irzOfflinebotnetdomain mirai ext sh NDA0E
2024-08-23 18:44:05http://followflow.zip/ipcOfflinebotnetdomain mirai ext sh NDA0E
2024-08-23 18:44:05http://followflow.zip/jawsOfflinebotnetdomain mirai ext sh NDA0E
2024-08-23 18:44:05http://followflow.zip/weedOfflinebotnetdomain mirai ext sh NDA0E
2024-08-23 18:44:05http://followflow.zip/create.pyOfflinebotnetdomain mirai ext sh NDA0E
2024-08-23 18:44:05http://followflow.zip/bxOfflinebotnetdomain mirai ext sh NDA0E
2024-08-23 18:44:05http://followflow.zip/bOfflinebotnetdomain mirai ext sh NDA0E
2024-08-23 18:44:05http://followflow.zip/zzOfflinebotnetdomain mirai ext sh NDA0E
2024-08-23 18:44:05http://followflow.zip/z.shOfflinebotnetdomain mirai ext sh NDA0E
2024-08-23 18:44:04http://followflow.zip/ruckOfflinebotnetdomain mirai ext sh NDA0E
2024-08-23 18:44:04http://followflow.zip/vcOfflinebotnetdomain mirai ext sh NDA0E
2024-08-23 18:44:04http://followflow.zip/test.shOfflinebotnetdomain mirai ext sh NDA0E
2024-08-23 18:44:04http://followflow.zip/fdgsfgOfflinebotnetdomain mirai ext sh NDA0E
2024-08-23 18:44:04http://followflow.zip/fbOfflinebotnetdomain mirai ext sh NDA0E
2024-08-23 18:44:04http://followflow.zip/goclOfflinebotnetdomain mirai ext sh NDA0E

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2024-08-24 11:35:56d852a2eecbbb228148d7d0dc363e50932ac317850404cee8d96d5c9dc3cd37e1elf  
2024-08-24 11:34:03c2b4ed10fdd39b03e617800e9f90f49c947d24709613b45c84797fde2e9f0081elf  
2024-08-24 08:52:19f5b7312bc5bffed521dd0f34ff450f763573dc5d0796fe02020fa9609bf008d4elf  
2024-08-24 06:44:158aad73349054162bc6a958d50a1653b9cee2e317c4aa19210c1490273ac15886elf  
2024-08-24 06:14:51751ca79ffdc09d91efa889185030460f4e0070c36551a337f53892689e31c860elf  
2024-08-24 06:12:103201929b5fbd739eb3420e1f1c84237dedfbbb11ad8261f110ef653871751ca2elf  
2024-08-24 05:59:006d888a61d5a9c659f7aa14cbe857b6a149fa69acc196ac952491873bd75ede20elf  
2024-08-24 05:52:420bdbe1e9d2718d80bf3c3f87edaa576d54ac81873586af07ec3a8ec4bcd92377elf  
2024-08-24 05:51:390bdbe1e9d2718d80bf3c3f87edaa576d54ac81873586af07ec3a8ec4bcd92377elf  
2024-08-24 05:34:33301188837ea2972e946307b65d037553f399f69d3b7e5967dd597e6b1c60b60felf  
2024-08-24 05:19:1898000c48d65fb5932864f9f55cc715d388992317f59c08116566617355a41d26elf  
2024-08-24 05:04:559861d57838edcedc5e02a0afe4d5870e57a49ee41be5af7fb2c5066c668898e7elf  
2024-08-24 05:02:149861d57838edcedc5e02a0afe4d5870e57a49ee41be5af7fb2c5066c668898e7elf  
2024-08-24 04:49:30b0b1b501b273c3784900d37b1babd024938c662a166a3b6a0d254ab2d0c01263elf  
2024-08-24 04:23:2618ada5e6133dea50149f5ff23bce6869255eaa27adca0fa2a0fd0b4b39503caeelf  
2024-08-24 04:22:32bacfd287fc5dcb64e6f8ce011b7cfa28cea16f74270d5cfe8a21b8c5dbada377elf  
2024-08-24 04:15:17bffa7d98c0902879548e7879b9deeaa9e4f48c36e3801ed9e624f9e4262a2ee7elf  
2024-08-24 04:00:22cccea59e8d6cfc39530aacfb350e3b93991a53ffe4bcd527ad4d347ea716f599elf  
2024-08-24 03:49:078b96be433833c581d027c2ab214e7efbeef977930245cf8f860f13a2f4bf5618elf  
2024-08-24 03:49:0249baf4fc40b6d5df57f10e7874eb0d9125ffb7f4c8ca87147e60eca4b15e0e61elf  
2024-08-24 03:32:2941383789951f4ca8efac8a2c430d14335bc3cb65b51a4e87247070cc3dee904aelf  
2024-08-24 03:32:062222f36b18765d87f7998eb1dae773c7e3b7e966ed51a61b8b314559e2fa2fa1elf  
2024-08-24 03:24:04b0b3ba2934921b19b7ba3cc3951bb7e35b80918c580480f81c7936aa8f3d4eb3elf  
2024-08-24 03:20:108a31ba0db69086071e52d54d01b4cb63bed5d7f931d28f02a0f7dc0b9087617belf  
2024-08-24 03:09:107ef17ebb0ab21722ad7c3820b01a2936ceb1943ef310fa2421992f0b98179225elf  
2024-08-23 18:44:09614a88ca9d29a86425830fd942b1172d37b98465571a98334e98f4fbc22d3faaelf  
2024-08-23 18:44:092bf2c82e29d37db4268872fa6a69f1975a62b906dec55c3c661b757bc7ba4de1elf  
2024-08-23 18:44:090e4bd21862320d66f61c07602215a41547e3c6fb50727da1c7c6ca803970bb7celf  
2024-08-23 18:44:09828c46414abf97335c067bdaf66744d21a87b7dcb728f53cc57392561306976felf  
2024-08-23 18:44:08d412f69cd6044dbd3af89317bc71cde5391f1250b933a86e3beca81b08e33df6elfMirai
2024-08-23 18:44:07f6e9515696f5f42c2789447a08cce6856aefc040e2efc4927f67522a14fde5d6elf  
2024-08-23 18:44:07cf757e6eb8c7e52e32b3f27d24ed0d7034fae4cbd74cfaf89fdacd89a5c050cbelf  
2024-08-23 18:44:0749379c98aee5da0dccc270976d10030a38e0a7225ff3428aff10c471968af6a1elf  
2024-08-23 18:44:07cf757e6eb8c7e52e32b3f27d24ed0d7034fae4cbd74cfaf89fdacd89a5c050cbelf  
2024-08-23 18:44:0707d58d7e403469706f22fa28ed7c7c0c0766dfe3ef826d44d383766d8efb604belf  
2024-08-23 18:44:0759da7bb077d1f1ece2e92b90ad6b12f132b18f265ced3f75ee372694f0198ccbelf