URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	45.85.218.109
Firstseen:	2026-05-26 09:33:05 UTC
Total malware sites :	16
Online malware sites :	13 (81%)
Offline Malware sites :	3 (19%)
Newest active malware site :	2026-05-28 13:16:31 UTC
Oldest active malware site :	2026-05-28 12:43:05 UTC (Age: 4 hours, 0 minutes)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2026-05-26 09:33:06	45.85.218.109	45.85.218.109.ptr.nexserv.de	Not listed	AS48314 IP-PROJECTS	DE	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2026-05-28 13:16:31	http://45.85.218.109/iran.x86_64	Online	45-85-218-109 elf mirai ua-wget	BlinkzSec
2026-05-28 13:16:29	http://45.85.218.109/iran.i486	Online	45-85-218-109 elf mirai ua-wget	BlinkzSec
2026-05-28 13:16:29	http://45.85.218.109/iran.m68k	Online	45-85-218-109 elf mirai ua-wget	BlinkzSec
2026-05-28 13:16:29	http://45.85.218.109/iran.powerpc	Online	45-85-218-109 elf mirai ua-wget	BlinkzSec
2026-05-28 13:16:29	http://45.85.218.109/iran.sh4	Online	45-85-218-109 elf mirai ua-wget	BlinkzSec
2026-05-28 13:16:29	http://45.85.218.109/iran.arc	Online	45-85-218-109 elf mirai ua-wget	BlinkzSec
2026-05-28 13:16:29	http://45.85.218.109/iran.armv5l	Online	45-85-218-109 elf mirai ua-wget	BlinkzSec
2026-05-28 13:16:29	http://45.85.218.109/iran.mipsel	Online	45-85-218-109 elf mirai ua-wget	BlinkzSec
2026-05-28 13:16:24	http://45.85.218.109/iran.mips	Online	45-85-218-109 elf mirai ua-wget	BlinkzSec
2026-05-28 13:16:20	http://45.85.218.109/iran.armv6l	Online	45-85-218-109 elf mirai ua-wget	BlinkzSec
2026-05-28 13:16:20	http://45.85.218.109/iran.armv4l	Online	45-85-218-109 elf mirai ua-wget	BlinkzSec
2026-05-28 13:16:20	http://45.85.218.109/iran.sparc	Online	45-85-218-109 elf mirai ua-wget	BlinkzSec
2026-05-28 13:16:20	http://45.85.218.109/iran.armv7l	Offline	45-85-218-109 elf mirai ua-wget	BlinkzSec
2026-05-28 13:16:20	http://45.85.218.109/iran.mipsrouter	Offline	45-85-218-109 elf ua-wget	BlinkzSec
2026-05-28 12:43:05	http://45.85.218.109/payload.sh	Online	mirai script	geenensp
2026-05-26 09:33:06	http://45.85.218.109/i486	Offline	ascii	geenensp

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2026-05-28 14:21:56	18ee3cc97ff0241c7f86d74dbc2faa72b0365af5236ed8cae6a456883c8e12fd	elf	Mirai
2026-05-28 14:10:14	23f1f00383dcccced590eb9f14795c26f68f5f2fc566c01cbc21689919d2dcf9	elf	Mirai
2026-05-28 13:30:24	c292a9501c815c6de3bda6e2afe6119cc7d71bb064a121033b3ef94841dd18f2	elf	Mirai
2026-05-28 13:29:03	4f7f2e6302c34336d2bbc64b95bbc3728fdd0863ddb6dc02c59c4e61c78c3f1f	elf	Mirai
2026-05-28 13:16:31	df1302c1034994d9efd381a0329dc655a3e92063b2c00f5bc9f9cf8e01a3d15a	elf	Mirai
2026-05-28 13:16:29	a81250987adc632f491a585e5ecda2665ff4b96fd57b240cc656605da84fb1d3	elf	Mirai
2026-05-28 13:16:29	e1d1bdc7b6130b2d097cdf5a2d231775804e106b1ba1dfbb1739ad057e5bcbb2	elf	Mirai
2026-05-28 13:16:29	d9b39614f091892aad982fdcf1a300488f09609bd937e57567c9acaa64a267e2	elf	Mirai
2026-05-28 13:16:29	f09d248d2c919cfbec61d5ae92496ad104ee89d763f28b764b3bc2691c7ee397	elf	Mirai
2026-05-28 13:16:29	3ec1e20c41d4ad155878e85ab81a0a86c6de42bd64af34c6879799ab34a6567a	elf	Mirai
2026-05-28 13:16:29	404a51071350110929d95fb80066ac8b9030cf9c29fe13e49f9e0f3b52831316	elf	Mirai
2026-05-28 13:16:29	8af481c0f928d98063236b2778b903bed0c18b995ae627677db45d47639cc6fe	elf	Mirai
2026-05-28 13:16:24	a4b6a754406e0833759c6e46e5505a2c7635bb25a1932f938adc8f76cf6c08ed	elf	Mirai
2026-05-28 12:43:05	4c32dc36b29a82aa9a7c369310cf5d4711697867a6031b27052c850767ab05b3	sh	Mirai