URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | 78.153.155.152 |
|---|---|
| Firstseen: | 2026-06-04 10:00:05 UTC |
| Total malware sites : | 10 |
| Online malware sites : | 8 (80%) |
| Offline Malware sites : | 2 (20%) |
| Newest active malware site : | 2026-06-04 10:49:24 UTC |
| Oldest active malware site : | 2026-06-04 10:00:15 UTC (Age: 1 day, 4 hours, 51 minutes) |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2026-06-04 10:00:15 | 78.153.155.152 | 158411.ip-ptr.tech | Not listed | AS8342 RTCOMM-AS |  US | yes |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2026-06-04 10:49:24 | http://78.153.155.152/f | Online | censys sh ua-wget |  NDA0E |
| 2026-06-04 10:01:28 | http://78.153.155.152/mips | Online | censys elf mirai  ua-wget | NDA0E |
| 2026-06-04 10:01:24 | http://78.153.155.152/arm5 | Offline | censys elf ua-wget | NDA0E |
| 2026-06-04 10:01:22 | http://78.153.155.152/mipsel | Online | censys elf mirai ua-wget | NDA0E |
| 2026-06-04 10:01:17 | http://78.153.155.152/arm | Offline | censys elf ua-wget | NDA0E |
| 2026-06-04 10:01:14 | http://78.153.155.152/arm7 | Online | censys elf mirai ua-wget | NDA0E |
| 2026-06-04 10:00:15 | http://78.153.155.152/tplink.sh | Online | censys mirai sh ua-wget | NDA0E |
| 2026-06-04 10:00:15 | http://78.153.155.152/t | Online | censys sh ua-wget | NDA0E |
| 2026-06-04 10:00:15 | http://78.153.155.152/o | Online | censys sh ua-wget | NDA0E |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2026-06-04 10:49:24 | 0cf25f68a0a089ad835e89fa0023f2f4c4d9cbf46bb70653c98f494ec1ca790a | sh | ||
| 2026-06-04 10:49:24 | 0cf25f68a0a089ad835e89fa0023f2f4c4d9cbf46bb70653c98f494ec1ca790a | sh | ||
| 2026-06-04 10:01:28 | 899c4224d505bcae0735a499cd4b8489ee833608a441ee660a8108aa6ba89b24 | elf | Mirai | |
| 2026-06-04 10:01:22 | 697a35f958553313fad25cba0d3b831cbc5af0376a7a612fb07093c0acce5a47 | elf | Mirai | |
| 2026-06-04 10:01:14 | 787a2d66b664530fcc92fd82133dcd2eee37e80ff3032eaf121fa690002627dc | elf | Mirai | |
| 2026-06-04 10:00:15 | a2f79e38fd817926585b03e627d3c522856287f4d0f77b4db1b89ee7aacd7e1e | sh | ||
| 2026-06-04 10:00:15 | e5ca71e07283830f2669e5a91a8ae1c761e323280fb3b2f8f5977957d86926ee | sh | ||
| 2026-06-04 10:00:14 | 26c199656768aede5a150dcbc5321920c21a176f1d11d0e4236b9f6304abd5f8 | sh | Mirai |