URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: node.bot.dekma-gay.ru
Domain registrar:REG.RU -
Domain registration date:2023-07-15 12:34:18 UTC
Spamhaus DBL :Abused domain (botnet C&C)
SURBL :Blocked
Quad9 :Blocked
AdGuard :Blocked
Cloudflare :Blocked
ProtonDNS :Blocked
OpenBLD :Blocked
DNS4EU :Not blocked
Control D HaGeZi :Not blocked
Firstseen:2026-06-11 12:27:07 UTC
Total malware sites :17
Online malware sites :17 (100%)
Offline Malware sites :0 (0%)
Newest active malware site :2026-06-11 12:42:10 UTC
Oldest active malware site :2026-06-11 12:27:33 UTC (Age: 1 day, 3 hours, 13 minutes)
A record(s) observed :1

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2026-06-11 12:27:33 45.137.198.245hosted-by.royalehosting.netNot listedAS212477 ROYALE-AS- NLyes

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2026-06-11 12:42:10http://node.bot.dekma-gay.ru/huhu/titanjr.i486Onlinebotnetdomain censys elf mirai ext ua-wget NDA0E
2026-06-11 12:27:52http://node.bot.dekma-gay.ru/all.shOnlinebotnetdomain censys mirai ext sh ua-wget NDA0E
2026-06-11 12:27:49http://node.bot.dekma-gay.ru/huhu/titanjr.sh4Onlinebotnetdomain censys elf mirai ext ua-wget NDA0E
2026-06-11 12:27:47http://node.bot.dekma-gay.ru/huhu/titanjr.x86_64Onlinebotnetdomain censys elf mirai ext ua-wget NDA0E
2026-06-11 12:27:47http://node.bot.dekma-gay.ru/huhu/titanjr.arcOnlinebotnetdomain censys elf mirai ext ua-wget NDA0E
2026-06-11 12:27:47http://node.bot.dekma-gay.ru/huhu/titanjr.arm6Onlinebotnetdomain censys elf mirai ext ua-wget NDA0E
2026-06-11 12:27:47http://node.bot.dekma-gay.ru/huhu/titanjr.ppcOnlinebotnetdomain censys elf mirai ext ua-wget NDA0E
2026-06-11 12:27:47http://node.bot.dekma-gay.ru/huhu/titanjr.mipsOnlinebotnetdomain censys elf mirai ext ua-wget NDA0E
2026-06-11 12:27:36http://node.bot.dekma-gay.ru/huhu/titanjr.m68kOnlinebotnetdomain censys elf mirai ext ua-wget NDA0E
2026-06-11 12:27:34http://node.bot.dekma-gay.ru/huhu/titanjr.x86_32Onlinebotnetdomain censys elf mirai ext ua-wget NDA0E
2026-06-11 12:27:34http://node.bot.dekma-gay.ru/huhu/titanjr.ppc440Onlinebotnetdomain censys elf mirai ext ua-wget NDA0E
2026-06-11 12:27:34http://node.bot.dekma-gay.ru/huhu/titanjr.arm7Onlinebotnetdomain censys elf mirai ext ua-wget NDA0E
2026-06-11 12:27:34http://node.bot.dekma-gay.ru/huhu/titanjr.armOnlinebotnetdomain censys elf mirai ext ua-wget NDA0E
2026-06-11 12:27:34http://node.bot.dekma-gay.ru/huhu/titanjr.i686Onlinebotnetdomain censys elf mirai ext ua-wget NDA0E
2026-06-11 12:27:34http://node.bot.dekma-gay.ru/huhu/titanjr.arm5Onlinebotnetdomain censys elf mirai ext ua-wget NDA0E
2026-06-11 12:27:33http://node.bot.dekma-gay.ru/huhu/titanjr.mipslOnlinebotnetdomain censys elf mirai ext ua-wget NDA0E
2026-06-11 12:27:33http://node.bot.dekma-gay.ru/huhu/titanjr.spcOnlinebotnetdomain censys elf mirai ext ua-wget NDA0E

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2026-06-11 12:42:10c4c0b9f745b0347c4aa1e49cf335c8a9921b67a6d26b0567099ef76996750684elfMirai
2026-06-11 12:27:52e93e68c0d00eff562d9912569f043885e4d9e8a6bd90235a5970b0e253472afashMirai
2026-06-11 12:27:49507abb56e2a45b07a5451ae7204718330b218582d9155f5db2c2f6d51c036eebelfMirai
2026-06-11 12:27:4738f0ec2e4d637fec1573bf41312b3bb09d3fd02ea4c8daf9247d2f24b01a83a2elfMirai
2026-06-11 12:27:4744334ccb3d756f16cde0b9f25966a0a61193da17234baab9983d74a87a003bbcelfMirai
2026-06-11 12:27:47158065c86254c7391f04f6d1949dd2c32e78b3e7199a5f2ecc4ab09c7c977f75elfMirai
2026-06-11 12:27:4787df268dadf7a70707a124c7b8c1bf5da3a9c3157f9094efbdc821029db01852elfMirai
2026-06-11 12:27:471d3032fd86fde8e97abf73b99b300adaab2d25338ce95968cc511063c4975784elfMirai
2026-06-11 12:27:36cabd1b6d3e3201ed36d29e8acb3127503737b2f7b60988f0fc13768a9938db24elfMirai
2026-06-11 12:27:34265652a0493d3542eda85763fee9a7d6ab9e1b10a4d83bb77a64b38ca9f8f117elfMirai
2026-06-11 12:27:3458fde1db63f97c1d95f60a86d1df0bee17e213981e524dd581878e23524daab8elfMirai
2026-06-11 12:27:33ef0ebfef48902f00e7138b0fe78816208a8da50bc27fd6b5189279d19fbb270celfMirai
2026-06-11 12:27:33fb9dd2a09a9197f4661a10501c5e310b39c5ce6477582ddda56ed28f9fe9a797elfMirai
2026-06-11 12:27:330beb9992ceebd96f8d79682248e08d81ba2fc0302f82bcd73d26b26d6ad83b70elfMirai
2026-06-11 12:27:33900fe7ec6338c05648105a2ef6f58fb27f5708ee6c2e4f9fdd81ba2ffd2a492felfMirai
2026-06-11 12:27:33f90dc0095d30b8d70a308a5b662e269b2723258eb728a970abbfc13fe69277b0elfMirai
2026-06-11 12:27:33cb4fab95997ceb96ca3a750406c72ce0e7d807080c38abcc4987392ec2e06354elfMirai