URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: 120.28.218.245
Firstseen:2025-11-03 13:26:05 UTC
Total malware sites :11
Online malware sites :0 (0%)
Offline Malware sites :11 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2025-11-03 13:26:17 120.28.218.245Not listedAS132199 GLOBE-MOBILE-5TH-GEN-AS- PHyes

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2026-03-28 02:52:06http://120.28.218.245:60982/bin.shOfflinemirai ext GAYINT_DOT_ORG
2026-03-27 05:25:16http://120.28.218.245:60982/iOffline32-bit arm elf mirai ext Mozi ext geenensp
2026-03-18 10:24:17http://120.28.218.245:56721/bin.shOfflinemirai ext GAYINT_DOT_ORG
2026-03-18 10:24:08http://120.28.218.245:56721/iOfflinemirai ext GAYINT_DOT_ORG
2025-12-29 23:48:13http://120.28.218.245:41526/bin.shOffline32-bit arm elf mirai ext Mozi ext geenensp
2025-12-29 10:48:10http://120.28.218.245:41526/iOffline32-bit arm elf mirai ext Mozi ext geenensp
2025-12-22 11:30:31http://120.28.218.245:48047/bin.shOffline32-bit arm elf mirai ext Mozi ext geenensp
2025-12-18 15:03:15http://120.28.218.245:48047/iOffline32-bit elf mirai ext Mozi ext threatquery
2025-11-29 16:42:10http://120.28.218.245:36131/iOffline32-bit arm elf mirai ext Mozi ext geenensp
2025-11-29 16:17:12http://120.28.218.245:36131/bin.shOffline32-bit arm elf mirai ext Mozi ext geenensp
2025-11-03 13:26:17http://120.28.218.245:55391/bin.shOffline32-bit arm elf mirai ext Mozi ext geenensp