URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	176.65.148.153
Firstseen:	2025-10-20 03:01:04 UTC
Total malware sites :	20
Online malware sites :	0 (0%)
Offline Malware sites :	20 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-10-20 03:01:07	176.65.148.153	hosted-by.pfcloud.io	SBL679274	AS51396 PFCLOUD	NL	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2025-11-12 23:55:10	http://176.65.148.153/frost.armv7	Offline	elf geofenced Ngioweb ua-wget USA	botnetkiller
2025-11-12 23:55:10	http://176.65.148.153/frost.x86	Offline	elf geofenced Ngioweb ua-wget USA	botnetkiller
2025-11-12 23:55:10	http://176.65.148.153/frost.armv5	Offline	elf geofenced Ngioweb ua-wget USA	botnetkiller
2025-11-12 23:55:10	http://176.65.148.153/frost.mips	Offline	elf geofenced Ngioweb ua-wget USA	botnetkiller
2025-11-12 23:55:10	http://176.65.148.153/frost.x86_64	Offline	elf geofenced Ngioweb ua-wget USA	botnetkiller
2025-11-12 23:55:09	http://176.65.148.153/frost.armv6	Offline	elf geofenced Ngioweb ua-wget USA	botnetkiller
2025-11-12 23:54:06	http://176.65.148.153/dvr.jaws.sh	Offline	geofenced Ngioweb sh ua-wget USA	botnetkiller
2025-11-12 23:54:06	http://176.65.148.153/frost.mipsel	Offline	elf geofenced Ngioweb ua-wget USA	botnetkiller
2025-11-12 23:54:06	http://176.65.148.153/frost.aarch64	Offline	elf geofenced Ngioweb ua-wget USA	botnetkiller
2025-10-20 03:01:09	http://176.65.148.153/x86	Offline	elf gafgyt ua-wget	ClearlyNotB
2025-10-20 03:01:09	http://176.65.148.153/co	Offline	elf gafgyt ua-wget	ClearlyNotB
2025-10-20 03:01:08	http://176.65.148.153/586	Offline	elf gafgyt ua-wget	ClearlyNotB
2025-10-20 03:01:08	http://176.65.148.153/dss	Offline	elf gafgyt ua-wget	ClearlyNotB
2025-10-20 03:01:08	http://176.65.148.153/i686	Offline	elf gafgyt ua-wget	ClearlyNotB
2025-10-20 03:01:08	http://176.65.148.153/sh4	Offline	elf gafgyt ua-wget	ClearlyNotB
2025-10-20 03:01:08	http://176.65.148.153/arm61	Offline	elf gafgyt ua-wget	ClearlyNotB
2025-10-20 03:01:07	http://176.65.148.153/mipsel	Offline	elf gafgyt ua-wget	ClearlyNotB
2025-10-20 03:01:07	http://176.65.148.153/mips	Offline	elf gafgyt ua-wget	ClearlyNotB
2025-10-20 03:01:07	http://176.65.148.153/m68k	Offline	elf gafgyt ua-wget	ClearlyNotB
2025-10-20 03:01:07	http://176.65.148.153/ppc	Offline	elf gafgyt ua-wget	ClearlyNotB

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2025-11-13 05:32:36	a155191721c632cf9380947e3a29c27b5146f8c5590d517d52262e36753a0875	sh	Ngioweb
2025-11-12 23:55:10	5bd31c712bc667714d6abf1823c3abd23c909831aa83e5597d9e4c8a280da029	elf	Ngioweb
2025-11-12 23:55:10	3ac2952c0a1f755baa86d7acbac01a08be67beec8cf286a5f59fc9ca2f4e0231	elf	Ngioweb
2025-11-12 23:55:10	0ca4e6fd9ab8da9824cc1ef5dd30d5635f505b15f115b12aaf1fad3cc946c5aa	elf	Ngioweb
2025-11-12 23:55:10	7e7b6974e650aa30dbc3e3c399ea9f2aeba9c3ede0fa65b4ca12589b95dd8912	elf	Ngioweb
2025-11-12 23:55:10	e4a963b5164ee3baa9afd4ef69c469fa640816742bc232c9c5cbc47f42f2e352	elf	Ngioweb
2025-11-12 23:55:09	84f4fd11e3eb8e4202daebe02e1e45f132a8081df97d6ec853fcebe8d1b47c5f	elf	Ngioweb
2025-11-12 23:54:06	b01cd96e5f4399a616968ee1b551c58ba914d238531ce570f99491c2e5e7963e	sh	Ngioweb
2025-11-12 23:54:06	b748778a3d29f9927144d643783933a5a72775cf125b27924bcad4ada27a6269	elf	Ngioweb
2025-11-12 23:54:06	6e506f968ff88fb4eddbc0b99d3c24627b5b8d64a4d8f72e6003586e40f6b37b	elf	Ngioweb
2025-10-20 03:01:09	962c7912c44af279cd7879402913ca17968a64788b041b855867d42bf0441387	elf	Gafgyt
2025-10-20 03:01:08	cf9a897fadec97206fe1f75f6978a04c333d37ac418fc1525bcabe3f13f225a0	elf	Gafgyt
2025-10-20 03:01:08	a33aa07b8f51e7bfee450b08b563fb72d93834f9955ad189795a49532f3cce97	elf	Gafgyt
2025-10-20 03:01:08	729fdb587dd9b93b8d689209d68b2ef32678cb3263177d79e443046fb278c93c	elf	Gafgyt
2025-10-20 03:01:08	5bb6b335d5df8e953dafe382ef810d5629fa15f959655c1fcbe2af815ad4bb13	elf	Gafgyt
2025-10-20 03:01:08	e6e0d5334a6b305ecb60f563aa16cb5d47ffa420a03799c030ac51d3ab869ff3	elf	Gafgyt
2025-10-20 03:01:08	e4393a49350ed5e410e1cf286c4b8b6df29224348c9972aadcded5cb74874fba	elf	Gafgyt
2025-10-20 03:01:07	c1083f406437651d99f4b0a6fdbb3dc57f7268fc3c1f071b8330007ca9f36de6	elf	Gafgyt
2025-10-20 03:01:07	684668d3065daad253570100f3b947a50aad9be3e4429d02c156176899e23e60	elf	Gafgyt
2025-10-20 03:01:07	995e632e29a9c2635cfc9f693950e3ad07ae18028968e1427b306bb72e573a00	elf	Gafgyt
2025-10-20 03:01:06	bcc239c8ac93b5b198fd4c5be8da9a252ef9149fcc3c13986d364826a9c8d900	elf	Gafgyt