URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	185.121.14.176
Firstseen:	2025-12-12 18:20:06 UTC
Total malware sites :	25
Online malware sites :	0 (0%)
Offline Malware sites :	25 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-12-12 18:20:11	185.121.14.176		Not listed	AS50053 VDSKA-AS	NL	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2026-01-01 21:52:17	http://185.121.14.176/armv7l	Offline	DDoSAgent elf ua-wget	NDA0E
2026-01-01 21:51:24	http://185.121.14.176/mips	Offline	elf mirai ua-wget	NDA0E
2026-01-01 21:51:24	http://185.121.14.176/mips64	Offline	elf ua-wget	NDA0E
2026-01-01 21:51:24	http://185.121.14.176/arm7	Offline	DDoSAgent elf ua-wget	NDA0E
2026-01-01 21:51:24	http://185.121.14.176/bot.arm	Offline	elf ua-wget	NDA0E
2026-01-01 21:51:24	http://185.121.14.176/s390x	Offline	DDoSAgent elf ua-wget	NDA0E
2026-01-01 21:51:24	http://185.121.14.176/mipsle	Offline	elf ua-wget	NDA0E
2026-01-01 21:51:24	http://185.121.14.176/x86	Offline	DDoSAgent elf ua-wget	NDA0E
2026-01-01 21:51:23	http://185.121.14.176/ppc	Offline	DDoSAgent elf ua-wget	NDA0E
2026-01-01 21:51:23	http://185.121.14.176/i586	Offline	DDoSAgent elf ua-wget	NDA0E
2026-01-01 21:51:23	http://185.121.14.176/mips64le	Offline	elf ua-wget	NDA0E
2026-01-01 21:45:15	http://185.121.14.176/x86_64	Offline	elf ua-wget	NDA0E
2025-12-12 18:20:15	http://185.121.14.176/arm6.Sakura	Offline	gafgyt mirai opendir	DaveLikesMalwre
2025-12-12 18:20:14	http://185.121.14.176/mips.Sakura	Offline	gafgyt mirai opendir	DaveLikesMalwre
2025-12-12 18:20:11	http://185.121.14.176/sh4.Sakura	Offline	mirai opendir	DaveLikesMalwre
2025-12-12 18:20:11	http://185.121.14.176/powerpc.Sakura	Offline	gafgyt mirai opendir	DaveLikesMalwre
2025-12-12 18:20:11	http://185.121.14.176/arm5.Sakura	Offline	gafgyt mirai opendir	DaveLikesMalwre
2025-12-12 18:20:11	http://185.121.14.176/arm4.Sakura	Offline	gafgyt mirai opendir	DaveLikesMalwre
2025-12-12 18:20:11	http://185.121.14.176/mipsel.Sakura	Offline	gafgyt mirai opendir	DaveLikesMalwre
2025-12-12 18:20:11	http://185.121.14.176/Sakura.sh	Offline	gafgyt mirai opendir	DaveLikesMalwre
2025-12-12 18:20:11	http://185.121.14.176/i586.Sakura	Offline	gafgyt mirai opendir	DaveLikesMalwre
2025-12-12 18:20:11	http://185.121.14.176/arm7.Sakura	Offline	gafgyt mirai opendir	DaveLikesMalwre
2025-12-12 18:20:11	http://185.121.14.176/x86_64.Sakura	Offline	gafgyt mirai opendir	DaveLikesMalwre
2025-12-12 18:20:11	http://185.121.14.176/i686.Sakura	Offline	gafgyt mirai opendir	DaveLikesMalwre
2025-12-12 18:20:11	http://185.121.14.176/m68k.Sakura	Offline	gafgyt mirai opendir	DaveLikesMalwre

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2026-01-14 13:53:56	4c8d73003514cbc68154a98fe8700bd7a248d6b655bef29516c547c6e86ebadf	elf	DDoSAgent
2026-01-14 13:52:00	b5ecbca7df8b6bb636300a260b6295be0207d3be29a298dce61f7c4a94a3dd66	elf	DDoSAgent
2026-01-14 13:46:30	4c8d73003514cbc68154a98fe8700bd7a248d6b655bef29516c547c6e86ebadf	elf	DDoSAgent
2026-01-14 13:14:54	89f276c4615636a259830cc80417eb2837e09d826543ad72d9ed45a6bcc2644a	elf	DDoSAgent
2026-01-14 13:04:35	b5ecbca7df8b6bb636300a260b6295be0207d3be29a298dce61f7c4a94a3dd66	elf	DDoSAgent
2026-01-14 12:55:34	5f7bf5a001d110a03fcc9c974a3e126438a287b0c6ece5528b1b76ac59c9bdbc	elf	DDoSAgent
2026-01-01 21:52:17	e63fa533fec8b8089ff5878389cdf93d42eb64e9fe8e48d0dab3b0cdc5bb737c	elf
2026-01-01 21:51:24	beb8cbd6be2c822688fe3f7835660fda7731c302e51b8745d413b693a50d1681	elf	Mirai
2026-01-01 21:51:24	fd7b5fd23aed0b89fefa4a9261154affea7681d51378656088e38bf8cd27faa6	elf
2026-01-01 21:51:24	e63fa533fec8b8089ff5878389cdf93d42eb64e9fe8e48d0dab3b0cdc5bb737c	elf
2026-01-01 21:51:24	80188044b0c4e83cbbcee1d5ed7c9afa08a77f4caadb377148f56b8061ef80d2	elf
2026-01-01 21:51:24	dd5b6e6d1b5901211029e81795ea59281c2aeeb1188e9738f7732c51e629fa43	elf
2026-01-01 21:51:24	b3eadaae58e6f843c78f7aeec2846512e22a3d3fa7b6141fa93b46562fc22569	elf
2026-01-01 21:51:23	0113da9f6ca2e13c26a475550f5910eab7f33025856a8ee4a719d1e3d488bccd	elf
2026-01-01 21:51:23	0113da9f6ca2e13c26a475550f5910eab7f33025856a8ee4a719d1e3d488bccd	elf
2026-01-01 21:51:23	0f1a9c03fa7bf1525b34406245dd6ec3bf28a1f951b5b80a84732d0f1ac9aefc	elf
2026-01-01 21:51:23	41558711b8159b4b5d686133941f1c3f62cabb7aefcbb95cfbca48473fbf1ee5	elf
2026-01-01 21:45:15	1e8dcf82caf62fb4950abbf62744d0ee8ad6782c7d3863f81c3d94f279e9c7e7	elf
2025-12-12 18:20:15	125f499012edc6534dffa3b09899bdc20890e74938c82a54a81da35a6d2c6680	elf	Gafgyt
2025-12-12 18:20:14	f69fcf30eb52d7c0a517f0342bdd3ca80af987e6d20ffba2f0e69001a5ef7076	elf	Gafgyt
2025-12-12 18:20:11	025a635c98791f0c2f2498e58f1337bc69573b5390a6325fda79ec21a500b92e	elf
2025-12-12 18:20:11	5cf788b4998959370e950fc17b05f43f2a7c5451190807c4567706b82e8847d6	elf	Gafgyt
2025-12-12 18:20:11	6a0b377d9084556b31da46a9ddde4f3994fe47ddb391b0cfb2e492ea5f1f09e5	elf	Gafgyt
2025-12-12 18:20:11	c3092111ffa42da764ad13fd8ce86cb9275043a8fcc28f2b777f37a27063c016	elf	Gafgyt
2025-12-12 18:20:11	7832769ad06fa3451f7cf9caf998ce7664dc8c4e3c822081be6d3e5308ddd8b0	elf	Gafgyt
2025-12-12 18:20:11	463151ea89ac13b9ef0f97b3878f70ecc3a3bc17de5102244745c4a2c9ec6833	elf	Gafgyt
2025-12-12 18:20:11	bf23ada4496bd18a02fb81323482cce0cc07d81eaaa68557199a2b6721ac7cef	elf	Gafgyt
2025-12-12 18:20:11	f58a58117616dbb54d010dbe90fe9513005118c18baa699282c39c7af34e6005	elf	Gafgyt
2025-12-12 18:20:11	4c240dd7fae03f36b7f470bed60dfc3aaaea3bd6493403f9f3f40cb61b4a86e3	elf	Gafgyt
2025-12-12 18:20:10	03252c6ef5927f6135a2a20f346678fec3150454d6e43b0e75a26722052d8610	elf	Gafgyt
2025-12-12 18:20:10	d7e4e6df87f3cbe30a24e6b6b8df6d8d0f1e9251f60261d578fc115b24586011	sh	Gafgyt