URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: 158.94.208.251
Firstseen:2026-01-20 10:34:04 UTC
Total malware sites :35
Online malware sites :0 (0%)
Offline Malware sites :35 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2026-01-20 10:34:12 158.94.208.251SBL686264AS214976 APIVERSA- DEyes

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2026-01-21 17:47:09http://158.94.208.251/ll.shOfflinebotnet mirai ext opendir DaveLikesMalwre
2026-01-21 17:47:09http://158.94.208.251/morebins/StormStresser.spcOfflinebotnet mirai ext opendir DaveLikesMalwre
2026-01-21 17:47:09http://158.94.208.251/reactOfflinebotnet mirai ext opendir DaveLikesMalwre
2026-01-21 17:47:09http://158.94.208.251/morebins/StormStresser.arm6Offlinebotnet mirai ext opendir DaveLikesMalwre
2026-01-21 17:47:09http://158.94.208.251/tplink.shOfflinebotnet mirai ext opendir DaveLikesMalwre
2026-01-21 17:47:09http://158.94.208.251/morebins/StormStresser.mpslOfflinebotnet mirai ext opendir DaveLikesMalwre
2026-01-21 17:47:09http://158.94.208.251/w.shOfflinebotnet mirai ext opendir DaveLikesMalwre
2026-01-21 17:47:09http://158.94.208.251/wget.shOfflinebotnet mirai ext opendir DaveLikesMalwre
2026-01-21 17:47:09http://158.94.208.251/c.shOfflinebotnet mirai ext opendir DaveLikesMalwre
2026-01-21 17:47:09http://158.94.208.251/morebins/StormStresser.m68kOfflinebotnet mirai ext opendir DaveLikesMalwre
2026-01-21 17:47:09http://158.94.208.251/morebins/StormStresser.armOfflinebotnet mirai ext opendir DaveLikesMalwre
2026-01-21 17:47:09http://158.94.208.251/morebins/StormStresser.x86Offlinebotnet mirai ext opendir DaveLikesMalwre
2026-01-21 17:47:09http://158.94.208.251/react.shOfflinebotnet mirai ext opendir DaveLikesMalwre
2026-01-21 17:47:09http://158.94.208.251/morebins/lalala.zipOfflinebotnet mirai ext opendir DaveLikesMalwre
2026-01-21 17:47:09http://158.94.208.251/morebins/StormStresser.arm5Offlinebotnet mirai ext opendir DaveLikesMalwre
2026-01-21 17:47:09http://158.94.208.251/morebins/StormStresser.sh4Offlinebotnet mirai ext opendir DaveLikesMalwre
2026-01-21 17:47:09http://158.94.208.251/morebins/StormStresser.ppcOfflinebotnet mirai ext opendir DaveLikesMalwre
2026-01-21 17:47:09http://158.94.208.251/StormStresser.x86Offlinebotnet mirai ext opendir DaveLikesMalwre
2026-01-21 17:47:09http://158.94.208.251/fernisafuckingddosbossfuc...Offlinebotnet mirai ext opendir DaveLikesMalwre
2026-01-21 17:47:09http://158.94.208.251/morebins/StormStresser.mipsOfflinebotnet mirai ext opendir DaveLikesMalwre
2026-01-21 17:47:09http://158.94.208.251/morebins/StormStresser.arm7Offlinebotnet mirai ext opendir DaveLikesMalwre
2026-01-21 17:47:09http://158.94.208.251/react.oOfflinebotnet mirai ext opendir DaveLikesMalwre
2026-01-20 10:34:23http://158.94.208.251/arm6Offlineelf mirai ext ua-wget ClearlyNotB
2026-01-20 10:34:23http://158.94.208.251/m68kOfflineelf mirai ext ua-wget ClearlyNotB
2026-01-20 10:34:23http://158.94.208.251/arm7Offlineelf mirai ext ua-wget ClearlyNotB
2026-01-20 10:34:23http://158.94.208.251/sh4Offlineelf mirai ext ua-wget ClearlyNotB
2026-01-20 10:34:23http://158.94.208.251/x86Offlineelf mirai ext ua-wget ClearlyNotB
2026-01-20 10:34:23http://158.94.208.251/ppcOfflineelf mirai ext ua-wget ClearlyNotB
2026-01-20 10:34:23http://158.94.208.251/i486Offlineelf mirai ext ua-wget ClearlyNotB
2026-01-20 10:34:23http://158.94.208.251/sparcOfflineelf mirai ext ua-wget ClearlyNotB
2026-01-20 10:34:23http://158.94.208.251/x86_64Offlineelf mirai ext ua-wget ClearlyNotB
2026-01-20 10:34:23http://158.94.208.251/mipsOfflineelf mirai ext ua-wget ClearlyNotB
2026-01-20 10:34:23http://158.94.208.251/mpslOfflineelf mirai ext ua-wget ClearlyNotB
2026-01-20 10:34:23http://158.94.208.251/arm4Offlineelf mirai ext ua-wget ClearlyNotB
2026-01-20 10:34:12http://158.94.208.251/arm5Offlineelf mirai ext ua-wget ClearlyNotB

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2026-01-21 17:47:0938d7165e0c560a6b3eded745678a8a2a458ed2ef55b004fa8b8186814aa2d13esh 
2026-01-21 17:47:0987e8e56fb63bd00b0ceb34c453a514d35b82754a870f7ee53011470368c25e8eelfMirai
2026-01-21 17:47:097db4bb43f1a287596517762d5bb993d558af01cc96f8aca96c9fdd44141608d6elf 
2026-01-21 17:47:095f44e7405b7903aed32ed22105a7a7f93d22652bf1feb639b5e3b7e57cbc07aeelfMirai
2026-01-21 17:47:09853de318d47ef2b20741dc9c8b4f14fefac5e1f320992773ad88036a588b729dsh 
2026-01-21 17:47:09973e6ca0574bee0109b6062b0c74e8501756631753e708695a79d66b4d28c407elfMirai
2026-01-21 17:47:092d5e2d77ba36d07dd6099b9cb0247242d489d2255b57f9f2290f2cdaa35f9ba2shMirai
2026-01-21 17:47:099f1281e658f9d4970c66f9a44b981edbc07f069be3c95d8fd4ddb80d40726318shMirai
2026-01-21 17:47:0981ebdc7930fc303622b8038439b608172be0dd977f240574ee0832e5e70f3f11sh 
2026-01-21 17:47:09e688bbb59ed32d3775747b4b520a51d54de18be384ae0dbad02079d35ad2399celfMirai
2026-01-21 17:47:09fd8e72b89585bf329a9e68bd2d178d546ad040b59c805c289afad3bcff5ce03belfMirai
2026-01-21 17:47:098697ad9fe4465d5cbe17a1f08ee606d011a25b4a7d103693e54922836e332a10elfMirai
2026-01-21 17:47:091c36270fe8152caa0bd0d75e24ecc614b3606698ce415a95173be995b930fcc1sh 
2026-01-21 17:47:0929abc3b6bab75a644f60a31e896a0f69bfcf5046f64a84bf399a46d887147524zip  
2026-01-21 17:47:09a9ae5ca054f10bb669805144ff55b05cd6680460455bd655a0db01179db91a8delfMirai
2026-01-21 17:47:09d060c8627812f3e8c6e33a9bca56818797d135b34fb21774323f3c6a0ab6f8f3elfMirai
2026-01-21 17:47:0963c0cbc17330f181579ab05b20ee4062f7a31d05d84dbf47f31c807f284bb21felfMirai
2026-01-21 17:47:09e78b8307479dedb074ebb74dda5723315533ebe7c74e53a1e5e15572bfb6247aelfMirai
2026-01-21 17:47:0910d80a08e4d90e32213746ab214b61840a1ee9691adbe78f6b90d9c8b470707csh 
2026-01-21 17:47:092d85d3ce39bb2f43187d9a51a531c9cf607e0adeedc17933285490c325ac1e7celfMirai
2026-01-21 17:47:09fbe633b882fda23a1a703497bcb1b61e3aff29eee21e1d58d57653edcdfe2993elfMirai
2026-01-21 17:47:098879ddd3ece8050a21a3aa9f0b3221c302cc97c6eb99b3c951254c23c2f1efd9elf 
2026-01-20 10:34:2327fe5bc4522c12b8bb62e916fcbc21de3e252621a06b1ca01c5ff04fb542cc9felfMirai
2026-01-20 10:34:232beaf13e5bc6678b22cf23407999b1bdee27ada1b5219bf6227279cd97c833baelfMirai
2026-01-20 10:34:2389e1474abd79dbfed5c1f4f47150d8a1da3ff02c01f3ffd79aeafb1a7d0a21f3elfMirai
2026-01-20 10:34:23354bac86d50cf576c6d554b2aafd6f728e032821010ec59741c9f00ebf6a89abelfMirai
2026-01-20 10:34:2328e9a3fee5786f96a02170a4959f7250101feaed551e27b146cd5f27a6b70f2celfMirai
2026-01-20 10:34:233e96982bfb873576513d8fa107ca433003b86c8cf901120f20237cf38cf485e1elfMirai
2026-01-20 10:34:235ff3c45bba93b2c297d9644a93a751a7be92ab99699964b871f28edbc3c09404elfMirai
2026-01-20 10:34:23e273652f1699e68bcb27cd81dac9a01ca673834f2601fa8806c423d53227977felfMirai
2026-01-20 10:34:238b8f4ab153e1ad148a17077606bc108a4c8cf3122125f5cc61a733c5c68f34ecelfMirai
2026-01-20 10:34:232e3e7be8d40ee0b3614553d271ae3570c91e28e1c92a4cc87cfad2d74916f8c4elfMirai
2026-01-20 10:34:230bbb7ae0a2495f87a81b3d7c8a458dcf45cc568917e32f0d14a7a1335dd2d5caelfMirai
2026-01-20 10:34:23fe75d377cef1bc619904f107a1686c914340532dab020a53d99de4ac68ced47aelfMirai
2026-01-20 10:34:12cc1d3e676b7a1f8a2957593809741e305b53175206970f9e92aed74a20a077d8elfMirai