URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | 163.61.39.198 |
|---|---|
| Firstseen: | 2026-05-20 16:38:07 UTC |
| Total malware sites : | 8 |
| Online malware sites : | 0 (0%) |
| Offline Malware sites : | 8 (100%) |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2026-05-20 16:38:32 | 163.61.39.198 | Not listed | AS152565 JOYSVC-AS-IN |  IN | yes |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2026-05-20 16:38:43 | http://163.61.39.198/i686 | Offline | mirai  opendir |  DaveLikesMalwre |
| 2026-05-20 16:38:43 | http://163.61.39.198/mips | Offline | DDoSAgent mirai opendir | DaveLikesMalwre |
| 2026-05-20 16:38:43 | http://163.61.39.198/armv6l | Offline | mirai opendir | DaveLikesMalwre |
| 2026-05-20 16:38:38 | http://163.61.39.198/mipsel | Offline | DDoSAgent mirai opendir | DaveLikesMalwre |
| 2026-05-20 16:38:37 | http://163.61.39.198/armv5l | Offline | mirai opendir | DaveLikesMalwre |
| 2026-05-20 16:38:36 | http://163.61.39.198/x86 | Offline | mirai opendir | DaveLikesMalwre |
| 2026-05-20 16:38:34 | http://163.61.39.198/ppc64 | Offline | DDoSAgent mirai opendir | DaveLikesMalwre |
| 2026-05-20 16:38:32 | http://163.61.39.198/armv7l | Offline | mirai opendir | DaveLikesMalwre |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2026-05-20 16:38:43 | eda3e9c5da83a37b9a4efe43d4a8a757c84f4a7e646f4db446c3add6836e42f3 | elf | Mirai | |
| 2026-05-20 16:38:43 | c3462fb299973b422c6b1bfa188c6a00b1bc1a492b254c8f722c026141d0f13b | elf | DDoSAgent | |
| 2026-05-20 16:38:43 | c6447e0ba4b3d10c3f73a903784e8d84000a4b7a2825db4f2d8ba0cfe792363f | elf | ||
| 2026-05-20 16:38:37 | c62ae9ff720ff081e144f1a6ebee7bb1b1ed64f984c8d564570d112456378323 | elf | DDoSAgent | |
| 2026-05-20 16:38:36 | 250b86635152a7490b61aff60126452e8bc414d5ba51778cff106f569448c090 | elf | ||
| 2026-05-20 16:38:35 | eda3e9c5da83a37b9a4efe43d4a8a757c84f4a7e646f4db446c3add6836e42f3 | elf | Mirai | |
| 2026-05-20 16:38:33 | 2b3d8776083537f7a0c30a4dd9083c2e3452e4372e33881f5a3837d7b5c2e198 | elf | DDoSAgent | |
| 2026-05-20 16:38:31 | 0271312c044ec167c018dd621291844a36050561e44b84417e89c1282213989f | elf |