URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	185.121.13.159
Firstseen:	2025-08-28 07:30:04 UTC
Total malware sites :	36
Online malware sites :	0 (0%)
Offline Malware sites :	36 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-08-28 07:30:10	185.121.13.159		Not listed	AS50053 VDSKA-AS	NL	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2025-08-28 07:50:34	http://185.121.13.159/tarm	Offline	elf ua-wget	abuse_ch
2025-08-28 07:50:26	http://185.121.13.159/nktmpsl	Offline	elf ua-wget	abuse_ch
2025-08-28 07:50:26	http://185.121.13.159/nktarm6	Offline	elf ua-wget	abuse_ch
2025-08-28 07:50:26	http://185.121.13.159/tbarm5	Offline	elf ua-wget	abuse_ch
2025-08-28 07:50:26	http://185.121.13.159/nktarm5	Offline	elf ua-wget	abuse_ch
2025-08-28 07:50:26	http://185.121.13.159/nktarm7	Offline	elf ua-wget	abuse_ch
2025-08-28 07:50:23	http://185.121.13.159/nktarm4	Offline	elf ua-wget	abuse_ch
2025-08-28 07:50:22	http://185.121.13.159/nktmips	Offline	elf ua-wget	abuse_ch
2025-08-28 07:50:22	http://185.121.13.159/tbarm	Offline	elf ua-wget	abuse_ch
2025-08-28 07:50:22	http://185.121.13.159/tarm6	Offline	elf ua-wget	abuse_ch
2025-08-28 07:50:22	http://185.121.13.159/tmpsl	Offline	elf ua-wget	abuse_ch
2025-08-28 07:50:20	http://185.121.13.159/tarm5	Offline	elf ua-wget	abuse_ch
2025-08-28 07:50:20	http://185.121.13.159/tarm7	Offline	elf ua-wget	abuse_ch
2025-08-28 07:50:20	http://185.121.13.159/tbarm7	Offline	elf ua-wget	abuse_ch
2025-08-28 07:30:23	http://185.121.13.159/tbk.sh	Offline	mirai sh ua-wget	BlinkzSec
2025-08-28 07:30:23	http://185.121.13.159/skid.arm7	Offline	elf mirai ua-wget	BlinkzSec
2025-08-28 07:30:23	http://185.121.13.159/skid.arm	Offline	elf mirai ua-wget	BlinkzSec
2025-08-28 07:30:22	http://185.121.13.159/lol.arm	Offline	elf mirai ua-wget	BlinkzSec
2025-08-28 07:30:22	http://185.121.13.159/skid.mpsl	Offline	elf mirai ua-wget	BlinkzSec
2025-08-28 07:30:22	http://185.121.13.159/t	Offline	gafgyt sh ua-wget	BlinkzSec
2025-08-28 07:30:22	http://185.121.13.159/wg.sh	Offline	gafgyt sh ua-wget	BlinkzSec
2025-08-28 07:30:21	http://185.121.13.159/tftp.sh	Offline	sh ua-wget	BlinkzSec
2025-08-28 07:30:21	http://185.121.13.159/t.sh	Offline	sh ua-wget	BlinkzSec
2025-08-28 07:30:20	http://185.121.13.159/wget.sh	Offline	gafgyt sh ua-wget	BlinkzSec
2025-08-28 07:30:20	http://185.121.13.159/lol.mpsl	Offline	elf mirai ua-wget	BlinkzSec
2025-08-28 07:30:20	http://185.121.13.159/lol.arm7	Offline	elf mirai ua-wget	BlinkzSec
2025-08-28 07:30:20	http://185.121.13.159/skid.mips	Offline	elf gafgyt ua-wget	BlinkzSec
2025-08-28 07:30:20	http://185.121.13.159/lol.mips	Offline	elf gafgyt ua-wget	BlinkzSec
2025-08-28 07:30:20	http://185.121.13.159/lol.arm5	Offline	elf mirai ua-wget	BlinkzSec
2025-08-28 07:30:20	http://185.121.13.159/n.sh	Offline	gafgyt sh ua-wget	BlinkzSec
2025-08-28 07:30:20	http://185.121.13.159/tf.sh	Offline	sh ua-wget	BlinkzSec
2025-08-28 07:30:20	http://185.121.13.159/x.sh	Offline	gafgyt sh ua-wget	BlinkzSec
2025-08-28 07:30:16	http://185.121.13.159/r.sh	Offline	mirai sh ua-wget	BlinkzSec
2025-08-28 07:30:13	http://185.121.13.159/b.sh	Offline	sh ua-wget	BlinkzSec
2025-08-28 07:30:13	http://185.121.13.159/skid.arm5	Offline	elf mirai ua-wget	BlinkzSec
2025-08-28 07:30:10	http://185.121.13.159/tmips	Offline	elf gafgyt ua-wget	BlinkzSec

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2025-09-04 09:27:23	7f511c4e5fe592b7461f1d91402c8e72f6113d61119076d0ee054388e71f963f	elf	Mirai
2025-09-04 09:27:14	da2f1743a967256963cd0ed10f605ba26353ca98d9ef12883ff2dd94af2d0040	elf	Mirai
2025-09-04 09:22:16	a4b34e8d9988291486b2d4e74dd2236153e9c5330cbd07406a815201709ddc98	elf	Mirai
2025-09-04 09:05:15	21c1a38155620df7ff31b34364069137ff5bea0f6cf57a8c8a13a687792a7d86	elf	Gafgyt
2025-09-04 09:00:46	303eb333f34a2f3846afde57acb6045a6e96954da622647164184903f1d29768	elf	Mirai
2025-09-04 08:51:02	86a83cda767fc02878500df02e481bf4f85dd6e35ea566a5fc2688c60e85b4a9	elf	Mirai
2025-09-04 08:39:34	e3e3ae079060ff2a17c1f535550e1004d6d505190947ed09e887eb3f6e578713	elf	Mirai
2025-09-04 08:24:51	d42c76a9dd05e0e00561b9dec3aa16042cafd56cce474322d2e9ae8cf3cb63b3	elf	Mirai
2025-09-04 08:06:43	3049d067ddff160a19a588c27e1eafb2914f7964c82f9205db35c5c97a954af3	elf	Gafgyt
2025-09-04 08:03:06	8fc890bbdacbc769ea430e4a582f58394371257ba27ed8c249ffebeb1beb255e	elf	Mirai
2025-08-30 03:03:56	cda28612d09eb4f2adeef427963c385993652e9f5bdbe450477044f845dee656	sh	Mirai
2025-08-28 07:30:23	3b9fb643ee107c4fdc321425bf8801dae55aa9e5c392b6062e463ec8dde0cb9d	elf	Mirai
2025-08-28 07:30:23	e745fc8571ba23f44e6721d8d84c1549a0b286f1f63c8a73e2d14cb55b056bce	sh	Mirai
2025-08-28 07:30:22	c120e8b96e4f722b2379194402b640c6a24283b00d7340366f27938c50a398e9	elf	Mirai
2025-08-28 07:30:22	7f9023fdbd0951650d408f62a2eb70dbaadd424d725957ee3d3a7780aa25c853	elf	Mirai
2025-08-28 07:30:22	8c200ee9c7949990167a6a63928ba6f5f7401795f81c63a648aaa2be60c643b1	elf
2025-08-28 07:30:22	4003e776e4e321eb6060f0391f74715d54d4a232d63576f6ecaf7ffe19675e81	sh	Gafgyt
2025-08-28 07:30:22	5bf11d8ac58c15af8d5d158dbd61a8a59abfd587f3b4a6df6e5f0f22a6c9af9a	sh	Gafgyt
2025-08-28 07:30:20	9d506a765821d3836dcedf7d5fe972cefbc5c6bd7a0fb1ccb4320a4b341fb35b	sh	Gafgyt
2025-08-28 07:30:20	1f323c90c1a3e02ac828dda944d5d2d268717958632f10c6b09cd17dddd58fd9	sh	Gafgyt
2025-08-28 07:30:20	3b0bcd7e422c38f283852898865897c883e46eb11e817afcf36f7b5826de9a54	sh
2025-08-28 07:30:20	5002c5a1576d46213077a3ec8a185549fc66faff879d54e3ad6a994a9a476430	sh	Gafgyt
2025-08-28 07:30:20	917b520d0019bea6aa2b04d80b128771ece7f4de5d6c4503bd8ef29494e5aea7	elf	Mirai
2025-08-28 07:30:20	04eda5b9e6e5bc4057502411fae19adeeb301a39b24d82ba3438a6094fe1ae2d	elf	Gafgyt
2025-08-28 07:30:20	77e287d8d0967bffac544be47fd8afc8da9ac67052e41e2595d0b8d8fe794f2c	elf	Gafgyt
2025-08-28 07:30:20	92afbef86c7877ed2cee0e8fe0194a3e998e0b347b50303c675392a87a31a369	elf	Mirai
2025-08-28 07:30:20	3b3eba4bea8a981baa303e11f90fe9728f818404f5373d91aac6df518316192f	elf	Mirai
2025-08-28 07:30:16	c1d2fa8cfd763650ce5f13ca2e8018f48d3bbb0971370901cc43e75d303a6040	sh	Mirai
2025-08-28 07:30:13	773bf787b1848b0af1453ecdf14b7ffa9e6fd90794375a55fff781f5947c1916	sh
2025-08-28 07:30:12	6490586ab557e772c4ddb5d0bdc469118f5af4997831d32273b2a219ef871791	elf	Mirai
2025-08-28 07:30:09	f846869bce0273829deb7c4f736dd45e536a757ac52b21245e6caa6700a7af36	elf	Gafgyt