URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (when the malware URL is hosted directly on an IP address and doesn't use a domain name).

Database Entry


Host: 109.235.7.1
Firstseen: 2019-10-07 04:12:36 UTC
Total malware sites: 25
Online malware sites: 0 (0%)
Offline malware sites: 25 (100%)

IP addresses


The table below shows all IP addresses observed for this particular host (if the host is a domain name, all A records are listed, including historical ones). Please note that the output is limited to 10 entries.

| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
| --- | --- | --- | --- | --- | --- | --- |
| 2019-10-07 04:12:40 | 109.235.7.1 | customer7-1.airweb.cz | Not listed | AS200059 AIRWEB-ISP | CZ | yes |

Malware URLs


The table below shows all malware URLs that are associated with this particular host.


The table below shows recent payloads delivered by this host.
