URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: 176.65.134.11
Firstseen:2025-04-09 17:00:03 UTC
Total malware sites :36
Online malware sites :0 (0%)
Offline Malware sites :36 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2025-04-09 17:00:05 176.65.134.11SBL679274AS36680 NETIFACELLC- DEyes

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2025-08-28 07:30:22http://176.65.134.11/r.shOfflinegafgyt ext sh ua-wget BlinkzSec
2025-08-28 07:30:21http://176.65.134.11/tftp.shOfflinesh ua-wget BlinkzSec
2025-08-28 07:30:21http://176.65.134.11/tOfflinesh ua-wget BlinkzSec
2025-08-28 07:30:20http://176.65.134.11/wget.shOfflinegafgyt ext sh ua-wget BlinkzSec
2025-08-28 07:30:20http://176.65.134.11/b.shOfflinesh ua-wget BlinkzSec
2025-08-28 07:30:20http://176.65.134.11/tf.shOfflinesh ua-wget BlinkzSec
2025-08-28 07:30:20http://176.65.134.11/n.shOfflinegafgyt ext sh ua-wget BlinkzSec
2025-08-28 07:30:20http://176.65.134.11/tbk.shOfflinesh ua-wget BlinkzSec
2025-08-28 07:30:20http://176.65.134.11/wg.shOfflinegafgyt ext sh ua-wget BlinkzSec
2025-08-28 07:30:20http://176.65.134.11/x.shOfflinegafgyt ext sh ua-wget BlinkzSec
2025-08-28 06:41:10http://176.65.134.11/lol.mpslOfflineelf mirai ext ua-wget BlinkzSec
2025-08-28 06:40:18http://176.65.134.11/lol.armOfflineelf mirai ext ua-wget BlinkzSec
2025-08-28 06:40:18http://176.65.134.11/lol.mipsOfflineelf gafgyt ext ua-wget BlinkzSec
2025-08-28 06:12:17http://176.65.134.11/lol.arm7Offlineelf mirai ext ua-wget ClearlyNotB
2025-08-28 06:12:17http://176.65.134.11/lol.arm5Offlineelf mirai ext ua-wget ClearlyNotB
2025-08-28 06:12:17http://176.65.134.11/skid.mpslOfflineelf ua-wget ClearlyNotB
2025-08-28 06:12:16http://176.65.134.11/skid.arm7Offlineelf mirai ext ua-wget ClearlyNotB
2025-08-28 06:12:16http://176.65.134.11/skid.mipsOfflineelf gafgyt ext ua-wget ClearlyNotB
2025-08-28 06:12:16http://176.65.134.11/skid.arm5Offlineelf mirai ext ua-wget ClearlyNotB
2025-08-28 06:12:16http://176.65.134.11/skid.armOfflineelf mirai ext ua-wget ClearlyNotB
2025-04-10 11:19:06http://176.65.134.11/hiddenbin/boatnet.i686Offlineelf mirai ext DaveLikesMalwre
2025-04-10 11:19:06http://176.65.134.11/hiddenbin/boatnet.sh4Offlineelf mirai ext DaveLikesMalwre
2025-04-10 11:19:05http://176.65.134.11/hiddenbin/boatnet.m68kOfflineelf mirai ext DaveLikesMalwre
2025-04-10 11:19:05http://176.65.134.11/hiddenbin/boatnet.i468Offlineelf mirai ext DaveLikesMalwre
2025-04-10 11:19:04http://176.65.134.11/hiddenbin/boatnet.arm5Offlineelf mirai ext DaveLikesMalwre
2025-04-10 11:19:03http://176.65.134.11/hiddenbin/boatnet.mipsOfflineelf mirai ext DaveLikesMalwre
2025-04-10 11:19:03http://176.65.134.11/hiddenbin/boatnet.arm7Offlineelf mirai ext DaveLikesMalwre
2025-04-10 11:19:03http://176.65.134.11/hiddenbin/boatnet.arm6Offlineelf mirai ext DaveLikesMalwre
2025-04-10 11:19:03http://176.65.134.11/hiddenbin/boatnet.spcOfflineelf mirai ext DaveLikesMalwre
2025-04-10 11:19:03http://176.65.134.11/hiddenbin/boatnet.x86Offlineelf mirai ext DaveLikesMalwre
2025-04-10 11:19:03http://176.65.134.11/hiddenbin/boatnet.ppcOfflineelf mirai ext DaveLikesMalwre
2025-04-10 11:19:03http://176.65.134.11/hiddenbin/boatnet.armOfflineelf mirai ext DaveLikesMalwre
2025-04-10 11:19:03http://176.65.134.11/hiddenbin/boatnet.arcOfflineelf mirai ext DaveLikesMalwre
2025-04-10 11:19:03http://176.65.134.11/hiddenbin/boatnet.x86_64Offlineelf mirai ext DaveLikesMalwre
2025-04-10 11:19:03http://176.65.134.11/hiddenbin/boatnet.mpslOfflineelf mirai ext DaveLikesMalwre
2025-04-09 17:00:05http://176.65.134.11/ohshit.shOfflinemirai ext sh ua-wget BlinkzSec

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2025-08-28 07:30:2288b8d3c7178fa67577580b32252d79f518c20d26e8aa4f1c7c6b27becb43a083shGafgyt
2025-08-28 07:30:213d9a69c44348dfcd37a539e56e5ed8725ee26816ff7c489940d990b4759c3eb5sh 
2025-08-28 07:30:201f323c90c1a3e02ac828dda944d5d2d268717958632f10c6b09cd17dddd58fd9shGafgyt
2025-08-28 07:30:205bf11d8ac58c15af8d5d158dbd61a8a59abfd587f3b4a6df6e5f0f22a6c9af9ashGafgyt
2025-08-28 07:30:205c0f8b87cbf7bde0cb46ba8db6ca265c87d8a4f829ed4f6e22c3a607251b9dc2sh 
2025-08-28 07:30:205002c5a1576d46213077a3ec8a185549fc66faff879d54e3ad6a994a9a476430shGafgyt
2025-08-28 07:30:203b0bcd7e422c38f283852898865897c883e46eb11e817afcf36f7b5826de9a54sh 
2025-08-28 07:30:209d506a765821d3836dcedf7d5fe972cefbc5c6bd7a0fb1ccb4320a4b341fb35bshGafgyt
2025-08-28 07:30:20773bf787b1848b0af1453ecdf14b7ffa9e6fd90794375a55fff781f5947c1916sh 
2025-08-28 06:41:103b3eba4bea8a981baa303e11f90fe9728f818404f5373d91aac6df518316192felfMirai
2025-08-28 06:40:18c120e8b96e4f722b2379194402b640c6a24283b00d7340366f27938c50a398e9elfMirai
2025-08-28 06:40:1804eda5b9e6e5bc4057502411fae19adeeb301a39b24d82ba3438a6094fe1ae2delfGafgyt
2025-08-28 06:12:1792afbef86c7877ed2cee0e8fe0194a3e998e0b347b50303c675392a87a31a369elfMirai
2025-08-28 06:12:17917b520d0019bea6aa2b04d80b128771ece7f4de5d6c4503bd8ef29494e5aea7elfMirai
2025-08-28 06:12:178c200ee9c7949990167a6a63928ba6f5f7401795f81c63a648aaa2be60c643b1elf 
2025-08-28 06:12:1677e287d8d0967bffac544be47fd8afc8da9ac67052e41e2595d0b8d8fe794f2celfGafgyt
2025-08-28 06:12:167f9023fdbd0951650d408f62a2eb70dbaadd424d725957ee3d3a7780aa25c853elfMirai
2025-08-28 06:12:166490586ab557e772c4ddb5d0bdc469118f5af4997831d32273b2a219ef871791elfMirai
2025-08-28 06:12:163b9fb643ee107c4fdc321425bf8801dae55aa9e5c392b6062e463ec8dde0cb9delfMirai
2025-04-09 17:00:041041604dd92cbfba9229e58b967209fff1bbfb1b176f653a30e88ce36730e727shMirai