URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: 78.159.131.11
Firstseen:2025-04-18 11:34:03 UTC
Total malware sites :6
Online malware sites :0 (0%)
Offline Malware sites :6 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2025-04-18 11:34:04 78.159.131.1151758.ip-ptr.techNot listedAS215540 GCS-AS- ALyes

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2025-04-18 11:36:04http://78.159.131.11/skid.mipselOfflineddos elf mirai ext Gandylyan1
2025-04-18 11:36:04http://78.159.131.11/skid.armv7lOfflineddos elf mirai ext Gandylyan1
2025-04-18 11:35:04http://78.159.131.11/skid.armv5lOfflineddos elf mirai ext Gandylyan1
2025-04-18 11:35:04http://78.159.131.11/massloadOfflinesh ua-wget Gandylyan1
2025-04-18 11:35:03http://78.159.131.11/skid.armv4lOfflineddos elf mirai ext Gandylyan1
2025-04-18 11:34:04http://78.159.131.11/skid.mipsOfflineddos elf mirai ext Gandylyan1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2025-04-18 11:36:04014bce445349169798dfc0f8c7629964d3e2b2f40eb299c6ef5220b3651bf5d4elf 
2025-04-18 11:36:045b3466b4b2495b829c6cc3686a3773ebd1615438624b46c81acb3ac719f3d14eelfMirai
2025-04-18 11:35:045199493171a36a2a1ba7ddedb814caafb57cd1bcb047ba9dc8253375e1a8b418elfMirai
2025-04-18 11:35:04f5eccdd0753e63302d0015449a211a825fc1ee0b0dddcdd4f7a6746ceb8d9e84sh 
2025-04-18 11:34:04a6bef16e1015b9bac15bbbb795ef87e0f5cde37e13914c1766981871fda2c115elf