URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | 162.240.179.212 |
|---|---|
| Firstseen: | 2025-11-30 19:22:05 UTC |
| Total malware sites : | 8 |
| Online malware sites : | 5 (63%) |
| Offline Malware sites : | 3 (38%) |
| Newest active malware site : | 2025-11-30 19:24:09 UTC |
| Oldest active malware site : | 2025-11-30 19:23:09 UTC (Age: 6 hours, 40 minutes) |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2025-11-30 19:22:05 | 162.240.179.212 | vps-14483762.syncnetwork.host | Not listed | AS46606 UNIFIEDLAYER-AS-1 |  US | yes |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2025-11-30 19:24:09 | http://162.240.179.212/~wwsync/sync.arm7 | Online | elf geofenced mirai  opendir ua-wget USA |  botnetkiller |
| 2025-11-30 19:23:21 | http://162.240.179.212/~wwsync/lava.arm6 | Online | elf geofenced mirai opendir ua-wget USA | botnetkiller |
| 2025-11-30 19:23:11 | http://162.240.179.212/~wwsync/sync.arm5 | Offline | elf geofenced mirai opendir ua-wget USA | botnetkiller |
| 2025-11-30 19:23:09 | http://162.240.179.212/~wwsync/lava.arm4 | Online | elf geofenced opendir ua-wget USA | botnetkiller |
| 2025-11-30 19:23:09 | http://162.240.179.212/~wwsync/lava.mipsel | Online | elf geofenced mirai opendir ua-wget USA | botnetkiller |
| 2025-11-30 19:23:09 | http://162.240.179.212/~wwsync/lava.arm5 | Online | elf geofenced opendir ua-wget USA | botnetkiller |
| 2025-11-30 19:23:09 | http://162.240.179.212/~wwsync/lava.arm7 | Offline | elf geofenced mirai opendir ua-wget USA | botnetkiller |
| 2025-11-30 19:22:05 | http://162.240.179.212/~wwsync/x.sh | Offline | geofenced opendir sh ua-wget USA | botnetkiller |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2025-11-30 22:55:43 | 66199c5c912907936a103184de81ba61e24eb53b8904518659a1d002ac5cd61a | elf | Mirai | |
| 2025-11-30 19:24:09 | f4cdf897608f3449fe831bc79a46a172167f9e25e9392e78478314d3a93e2529 | elf | Mirai | |
| 2025-11-30 19:23:11 | 1ccc7a6643b13b8a50467630f4ee52db6505d7072267488fac8462caee08df5a | elf | Mirai | |
| 2025-11-30 19:23:09 | df0304444306ee9c8ebe5434fef4c7c426433248be4271a9e8dda37ecb2d2c0b | elf | ||
| 2025-11-30 19:23:09 | 98a15b2e48f4a2050b77b0932584ed023863a2326270658f3f42bfb626f47b1e | elf | Mirai | |
| 2025-11-30 19:23:09 | 6a6143a7219f352c1d36fc2844861d2faf9bef8c172b719b397c9fbecc031b6d | elf | ||
| 2025-11-30 19:23:09 | 2f903cfd3fe60631ae21bc9212aacf8132c17525787b036dd4e1de692925ca85 | elf | Mirai |