URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: 158.94.210.44
Firstseen:2025-12-09 14:26:21 UTC
Total malware sites :19
Online malware sites :0 (0%)
Offline Malware sites :19 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2025-12-09 14:26:27 158.94.210.44SBL686264AS202412 OMEGATECH-AS- NLyes

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2025-12-18 14:37:11http://158.94.210.44/bins/dlr.mpslOfflineelf ua-wget ClearlyNotB
2025-12-18 14:37:11http://158.94.210.44/bins/dlr.spcOfflineelf ua-wget ClearlyNotB
2025-12-18 14:37:11http://158.94.210.44/bins/dlr.ppcOfflineelf ua-wget ClearlyNotB
2025-12-18 14:37:11http://158.94.210.44/bins/dlr.m68kOfflineelf ua-wget ClearlyNotB
2025-12-18 14:37:11http://158.94.210.44/bins/x86Offlineelf ua-wget ClearlyNotB
2025-12-18 03:01:15http://158.94.210.44/mipsOffline32-bit elf mirai ext Mozi ext threatquery
2025-12-11 16:14:12http://158.94.210.44/bins/sora.spcOfflineelf mirai ext ua-wget ClearlyNotB
2025-12-11 16:13:14http://158.94.210.44/bins/sora.armOfflineelf mirai ext ua-wget ClearlyNotB
2025-12-11 16:13:14http://158.94.210.44/bins/sora.x86_64Offlineelf mirai ext ua-wget ClearlyNotB
2025-12-11 16:13:14http://158.94.210.44/bins/sora.sh4Offlineelf mirai ext ua-wget ClearlyNotB
2025-12-11 16:13:14http://158.94.210.44/bins/sora.i686Offlineelf mirai ext ua-wget ClearlyNotB
2025-12-11 16:13:14http://158.94.210.44/bins/sora.mipsOfflineelf mirai ext ua-wget ClearlyNotB
2025-12-11 16:12:09http://158.94.210.44/bins/sora.mpslOfflineelf mirai ext ua-wget ClearlyNotB
2025-12-11 16:12:09http://158.94.210.44/bins/sora.x86Offlineelf mirai ext ua-wget ClearlyNotB
2025-12-11 16:12:09http://158.94.210.44/bins/sora.m68kOfflineelf mirai ext ua-wget ClearlyNotB
2025-12-11 16:12:09http://158.94.210.44/bins/sora.ppcOfflineelf mirai ext ua-wget ClearlyNotB
2025-12-11 16:12:09http://158.94.210.44/bins/sora.arm6Offlineelf mirai ext ua-wget ClearlyNotB
2025-12-11 16:12:09http://158.94.210.44/bins/sora.arm5Offlineelf mirai ext ua-wget ClearlyNotB
2025-12-09 14:26:27http://158.94.210.44/lmao.shOfflinemirai ext opendir sh DaveLikesMalwre

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2025-12-18 03:01:154589612e0bcf2e254096bf56850fc6668220a885c3e84ccf4dcae13c63309952elfMirai
2025-12-12 18:21:272f4368761f0925a45475730eeb9ef1b84139b65f7a06643fc355c89d243f52b0elfMirai
2025-12-12 18:07:46931362d132df32e982d3b8f3cd16b77829ebb9f1521f8148221f6bc637983d3eelfMirai
2025-12-12 17:56:23071c8b50d2a1a4b29b52bc1b57841679c8550d25ea465752702b118f5a0eda1delfMirai
2025-12-12 17:44:5026c4ff1da1cb385c8808f5e56ca5f49ad15520778554bfed7f2cf80f9606e3fbelfMirai
2025-12-12 17:20:5868499354751da952246a62fd17950aaee16960e3f78be610c8a402ccdb79ac7celfMirai
2025-12-12 17:11:519b0f79b1ec3141f6eb5db1c993a90d583387ca78f84844ca05600b1f16c9b17felfMirai
2025-12-12 16:59:39ac5d67a5cc210d5858c03c4f26cbd47defabfd74583a67cd2598b06ed42165cdelfMirai
2025-12-12 16:45:465b0df69a7496565168a4795a511142d4d399ff9e3dd0c834fa740ad1dd0732beelfMirai
2025-12-12 13:41:352abefe398e7882435469df0db835a205ffbf78d05ac658cbf7f0ab8686634cedelfMirai
2025-12-12 00:25:461a12756fd203de9572ef6c5336a496ce91c22ef795e986cf268266bee4a1c1dbelfMirai
2025-12-12 00:20:5635dd8262578170503b0518a022ec3a696110a1f20fd22d6d05aea6721ab86e11elfMirai
2025-12-12 00:17:411b1290ee98ff6172564f549a47e15e47e4dac869b907ff1b4ca5a4648c320cc4elfMirai
2025-12-11 23:38:5197346cd5cb96c4c85dec58820930ffd80c375834ae47c3288e96961485f31e53elfMirai
2025-12-11 23:33:024d921834d4f1898265e588556cb5052c849113cb0b79de86719ba8ffc9d77fc6elfMirai
2025-12-11 23:14:163e1aa219589a2e66f9d0187a506f00a33f86561ddb5d5e03aac898246b75cd90elfMirai
2025-12-11 23:13:20ff2cbd6c49b8bd0ce0dd87fe0b13b73ee03f9054938d721b59c7c5d05a11c0f3elfMirai
2025-12-11 23:02:284019d661a00ab26a41580816dd467d6f73962efcdd9583b87eb89c06c5547fe0elfMirai
2025-12-11 22:53:4446b2190e13f98ad6dbe5835bb2eae24a4a199469863e951856c3f118f8e994c2elfMirai
2025-12-11 22:43:009481c6dce39fa55254fc5ffd19a025fa6c3940ba70636609d289aa1356089da2elfMirai
2025-12-11 22:42:2753fa19a493d50fd81124a350528d63b5fdeede67b9c62413376c1b13cbb4395celfMirai
2025-12-11 19:01:5438a3ae03ddc7100377246aed54631b4d541563db18530cb98e15877a805898f1elfMirai
2025-12-11 18:50:41acff032492260ae61ae7cef8a3979328b57395e1f38c0cabf7e190fde2565adaelfMirai
2025-12-11 16:14:12d5317eb047a3c2f1adb9c704076bf9bc5dd612b3b43dda4b344affd95e91f748elfMirai
2025-12-11 16:13:14acb91ba2160dfada317635290f6cd63c91066eac022ec1657c27e90acbb7adefelfMirai
2025-12-11 16:13:135810d0d5be2426a8c339a3aa1e04e1e7dca5a44b6b1096447adacf90bd6d6ae1elfMirai
2025-12-11 16:13:133573a8197cb5eec6c7ba538bf99bb832dbc0e73855639448a27e5fec33f3297celfMirai
2025-12-11 16:13:130889db4c43f81d8ef66a617775d359a6d0f0e7d9a587dbdd642120c45123be44elfMirai
2025-12-11 16:13:13308a1eabc58503572d4459222a9a9761dc618aabdce935e3bdd2ee886f1b6e43elfMirai
2025-12-11 16:12:093b0389a5b22886568a133d068a5f87c7e2f53b3a833c60453e12ae883ff1d29belfMirai
2025-12-11 16:12:09a86ddf5a6a8d2d6b507f078fc4ec8f9c10d32267177e4f5fc57abcc140c95df3elfMirai
2025-12-11 16:12:09fa14f79b6670687ce6f5673d1d657669e5b7e06d88ebc11644536cd5748c3c7eelfMirai
2025-12-11 16:12:096b02f92b6ac6def09396502e195d87720e47c45bd3f19a2a94e57561c36c3d61elfMirai
2025-12-11 16:12:09aaa8ab798cc66a3ecbe833a3ad381c66d54723f8c0d0613c43177d060b2e0a03elfMirai
2025-12-11 16:12:09d7f552721b19cd19b2472b6a4d61b3b78afc129a562f284261fe3dcac534db14elfMirai
2025-12-09 14:26:27e5b2da3e95d97cff98f325c93a45983fe21ebbe2c0a51cff8c7883302a1e63f8sh