URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	158.94.211.162
Firstseen:	2026-03-05 17:41:06 UTC
Total malware sites :	29
Online malware sites :	15 (52%)
Offline Malware sites :	14 (48%)
Newest active malware site :	2026-03-17 21:03:07 UTC
Oldest active malware site :	2026-03-09 20:23:08 UTC (Age: 9 days, 14 hours, 54 minutes)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2026-03-05 17:41:08	158.94.211.162		SBL686264	AS202412 OMEGATECH-AS	US	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2026-03-18 07:36:06	http://158.94.211.162/data/5945.txt	Offline		abuse_ch
2026-03-18 07:36:06	http://158.94.211.162/data/509.txt	Offline		abuse_ch
2026-03-18 07:36:05	http://158.94.211.162/4	Offline		abuse_ch
2026-03-18 07:36:05	http://158.94.211.162/ok/8293.txt	Offline		abuse_ch
2026-03-18 07:36:05	http://158.94.211.162/data/n.txt	Offline		abuse_ch
2026-03-18 07:36:05	http://158.94.211.162/5	Offline		abuse_ch
2026-03-18 07:36:05	http://158.94.211.162/1	Offline		abuse_ch
2026-03-18 07:36:05	http://158.94.211.162/all/n.txt	Offline		abuse_ch
2026-03-18 07:36:05	http://158.94.211.162/3	Offline		abuse_ch
2026-03-18 07:36:05	http://158.94.211.162/ok/n.txt	Offline		abuse_ch
2026-03-18 07:36:05	http://158.94.211.162/STATACOMPL	Offline		abuse_ch
2026-03-18 07:36:05	http://158.94.211.162/all/12956.txt	Offline		abuse_ch
2026-03-17 21:03:07	http://158.94.211.162/12.exe	Online	BlackMatter dropped-by-Phorpiex	Bitsight
2026-03-17 21:03:07	http://158.94.211.162/13.exe	Online	BlackMatter dropped-by-Phorpiex	Bitsight
2026-03-17 21:03:07	http://158.94.211.162/11.exe	Online	BlackMatter dropped-by-Phorpiex	Bitsight
2026-03-17 21:03:07	http://158.94.211.162/14.exe	Online	BlackMatter dropped-by-Phorpiex	Bitsight
2026-03-17 21:02:06	http://158.94.211.162/10.exe	Online	BlackMatter dropped-by-Phorpiex	Bitsight
2026-03-17 21:02:06	http://158.94.211.162/7.exe	Online	BlackMatter dropped-by-Phorpiex	Bitsight
2026-03-17 21:02:06	http://158.94.211.162/8.exe	Online	BlackMatter dropped-by-Phorpiex	Bitsight
2026-03-17 21:02:06	http://158.94.211.162/5.exe	Online	BlackMatter dropped-by-Phorpiex	Bitsight
2026-03-17 21:02:06	http://158.94.211.162/9.exe	Online	BlackMatter dropped-by-Phorpiex	Bitsight
2026-03-17 21:02:06	http://158.94.211.162/4.exe	Online	BlackMatter dropped-by-Phorpiex	Bitsight
2026-03-17 21:02:06	http://158.94.211.162/6.exe	Online	BlackMatter dropped-by-Phorpiex	Bitsight
2026-03-17 21:01:08	http://158.94.211.162/2.exe	Online	BlackMatter dropped-by-Phorpiex	Bitsight
2026-03-17 21:01:08	http://158.94.211.162/1.exe	Online	BlackMatter dropped-by-Phorpiex	Bitsight
2026-03-17 21:01:07	http://158.94.211.162/3.exe	Online	BlackMatter dropped-by-Phorpiex	Bitsight
2026-03-09 20:23:08	http://158.94.211.162/sodal	Online	dropped-by-Phorpiex	Bitsight
2026-03-08 02:29:05	http://158.94.211.162/2	Offline	dropped-by-Phorpiex	Bitsight
2026-03-05 17:41:08	http://158.94.211.162/blof	Offline	dropped-by-Phorpiex	Bitsight

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2026-03-17 21:03:07	7801cad0002d6315c5f8dab5664394e5defb220e842cbe1f02e1bb78c04e71b5	exe	Ransomware.BlackMatter
2026-03-17 21:03:07	a90713c7598c082762864887bd3c691761501a7f98b522e058e926c6c7f1ac48	exe	Ransomware.BlackMatter
2026-03-17 21:03:07	297b2ae6169c2e735d906a82a7aa803b9ad136592db15c0aec6b6db0451e6d4f	exe	Ransomware.BlackMatter
2026-03-17 21:03:07	0d77033aac2872f7cb198c045aa2ff35ff580cdad85b8e6140c662f340160f2b	exe	Ransomware.BlackMatter
2026-03-17 21:02:06	1378230336dacaae827b7b4cc4f26ca444c78fa088871829f031541a4bf706d7	exe	Ransomware.BlackMatter
2026-03-17 21:02:06	74aef6ac1159bb8afaf2606dae0beddd5f8e3b61b04441056a88419e93c98955	exe	Ransomware.BlackMatter
2026-03-17 21:02:06	42d16073f40852cd7283f048127aa901fb3d0bcae8770e682c019706fc0f5468	exe	Ransomware.BlackMatter
2026-03-17 21:02:06	5df86b520fb87bc68448ea1e86b8ed358064a6eeb83262f149d3538c09b30358	exe	Ransomware.BlackMatter
2026-03-17 21:02:06	745a06b93c38a2d2f2b04f3178f4e640c1c117ba3fa89daa9344fc4a02b8424f	exe	Ransomware.BlackMatter
2026-03-17 21:02:06	48dadfad969b5a77bac64dfcdd090c7f21423680bb4a3fb684afa115ecf08026	exe	Ransomware.BlackMatter
2026-03-17 21:02:06	8b95627f574d1196193f262813593bc230af8b4e52e67a26fc6dada85c25d51f	exe	Ransomware.BlackMatter
2026-03-17 21:01:08	4e965dcca378e809757cd22e1209bcc263b08305286a7a7c6ec4e0b3283c3d1e	exe	Ransomware.BlackMatter
2026-03-17 21:01:08	e159d283a12a5b1a0de124744fd02253051d27cd1f085b033197f74e6f21f7ca	exe	Ransomware.BlackMatter
2026-03-17 21:01:07	2f521817d2ede5969034db18d46ce85446f2cd35054bf9d086bca2d3086a1e7d	exe	Ransomware.BlackMatter
2026-03-12 15:28:09	bd0609448235061c67aba5fd59ea3796bf3ab67b0e356b55491cdcf0c55a4d45	unknown
2026-03-11 14:44:53	2f57a09a34a980dfa935c132611857580996d4768f5bfe79b5110da722e8bfef	unknown
2026-03-09 20:23:08	68f40b51f4de057b32f88dfa0273d6deab02ce5fe7d4a879e2cef175a25b8c85	unknown
2026-03-08 02:29:05	51ddd1de77ba5327c14ee70344b0fc2786a4df2ccb76f5608aecd1edd69c7fda	unknown
2026-03-05 17:41:08	4d8e2513e9fca34ac443c0bc94d222414205a6bcf33d55088cd2dfec33da20d5	unknown