URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	23.132.164.155
Firstseen:	2025-12-21 12:29:25 UTC
Total malware sites :	4
Online malware sites :	4 (100%)
Offline Malware sites :	0 (0%)
Newest active malware site :	2025-12-24 09:41:05 UTC
Oldest active malware site :	2025-12-21 12:29:28 UTC (Age: 3 days, 10 hours, 33 minutes)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-12-21 12:29:28	23.132.164.155		SBL688228	AS60223 NETIFACE-AS	GB	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2025-12-24 09:41:05	http://23.132.164.155/hs	Online	ua-wget	BlinkzSec
2025-12-21 15:14:07	http://23.132.164.155/k.sh	Online	perl sh ua-wget	NDA0E
2025-12-21 12:29:34	http://23.132.164.155/all.sh	Online	CoinMiner sh ua-wget xmrig	NDA0E
2025-12-21 12:29:28	http://23.132.164.155/miner80.tgz	Online	CoinMiner gz tar tgz ua-wget xmrig	NDA0E

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2025-12-24 09:41:05	a311a918e5c79172e51712d8d8f8792878b617a5a33e08c207641afce8060e9b	unknown
2025-12-21 15:14:07	5809295d36814bb38e12e3734ff0acb65f38aba431ec2bb08cb6fbc94761ea71	unknown
2025-12-21 12:29:33	dc0a766ad6dfb84cedd35a182d7b19b5579a21c386e76c79b16a7f56e13e625a	sh	CoinMiner
2025-12-21 12:29:28	48126f0f677204cf1a3a10981814d78d6254b29810299097b6e68dd9f37ebdf9	unknown