This page summarises recently observed malicious URLs recorded during the reporting window below. All entries reflect automated feed data and represent malicious URLs identified within the stated timeframe.
Window: 05 Jul 2026 00:05 UTC → 06 Jul 2026 00:53 UTC (exclusive end)
Generated: 06 Jul 2026 01:00 UTC
Overview
Online and offline statuses reflect whether each URL was reachable at the time of reporting.
- Total URLs observed in this window: 314
- Online (reachable at time of reporting): 142
- Offline (unreachable at time of reporting): 172
- Offline URLs account for the majority of entries at 172 out of 314
Most recent URLs
The table below lists the most recently added malicious URLs recorded in the feed during this reporting run.
| ID | Status | Threat type | Bad URL |
|---|---|---|---|
| 3881426 | online | malware_download | http://94.181.6.67:36395/bin.sh |
| 3881424 | online | malware_download | http://42.231.186.76:54013/i |
| 3881423 | online | malware_download | http://110.37.61.44:49758/bin.sh |
| 3881422 | online | malware_download | http://103.44.136.115:35447/bin.sh |
| 3881421 | online | malware_download | http://182.123.245.51:60755/bin.sh |
| 3881420 | online | malware_download | http://110.36.11.225:36446/i |
| 3881418 | online | malware_download | http://112.246.16.106:42448/bin.sh |
| 3881417 | online | malware_download | http://94.154.43.192/b.xml |
| 3881416 | online | malware_download | http://94.154.43.192/nz/b.xml |
| 3881413 | online | malware_download | http://94.154.43.192/c.sh |
| 3881408 | online | malware_download | http://115.54.128.181:49195/bin.sh |
| 3881407 | online | malware_download | http://110.36.11.225:36446/bin.sh |
| 3881405 | online | malware_download | http://202.1.26.69:37695/i |
| 3881404 | online | malware_download | http://117.208.46.126:33920/i |
| 3881403 | online | malware_download | http://38.21.70.189:46846/bin.sh |
| 3881402 | online | malware_download | http://117.208.46.126:33920/bin.sh |
| 3881401 | online | malware_download | http://182.119.182.78:59445/bin.sh |
| 3881399 | online | malware_download | http://202.1.26.69:37695/bin.sh |
| 3881398 | online | malware_download | http://59.96.137.166:41050/i |
| 3881396 | online | malware_download | http://59.180.168.190:45133/i |
| 3881395 | online | malware_download | http://112.255.27.172:53031/bin.sh |
| 3881394 | online | malware_download | http://222.139.127.61:46244/i |
| 3881393 | online | malware_download | http://125.27.11.15:43282/i |
| 3881391 | online | malware_download | http://119.185.140.136:34637/bin.sh |
| 3881390 | online | malware_download | http://110.36.28.45:52690/i |
Top hosts
The table below shows the hosts most frequently observed serving malicious URLs during this reporting window, ranked by number of associated URLs.
| Host | Count |
|---|---|
| 141.11.88.108 | 15 |
| 94.154.43.192 | 10 |
| 83.168.110.191 | 9 |
| 91.92.242.236 | 8 |
| 141.11.88.126 | 3 |
| 2.26.75.58 | 3 |
| 105.186.68.15 | 2 |
| 105.224.71.15 | 2 |
| 110.36.11.225 | 2 |
| 110.36.19.101 | 2 |
Top threat types
All 314 URLs observed in this window carry a single recorded threat type: malware_download.
| Threat type | Count |
|---|---|
| malware_download | 314 |
Top tags
Tags provide additional classification detail for the URLs in this window; a single URL may carry more than one tag, so tag counts are not mutually exclusive.
| Tag | Count |
|---|---|
| Mozi | 170 |
| elf | 163 |
| 32-bit | 139 |
| mips | 108 |
| ClearFake | 62 |
| mirai | 46 |
| windows | 40 |
| win-0x4679 | 34 |
| arm | 33 |
| ua-wget | 31 |
This page is updated daily.
