URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	181.79.85.69
Firstseen:	2025-07-24 12:15:06 UTC
Total malware sites :	17
Online malware sites :	2 (12%)
Offline Malware sites :	15 (88%)
Newest active malware site :	2026-02-03 10:53:28 UTC
Oldest active malware site :	2026-02-03 10:22:06 UTC (Age: 4 days, 7 hours, 46 minutes)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-07-24 12:15:10	181.79.85.69		Not listed	AS52468 UFINET_PANAMA_S.A.	CO	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2026-02-03 10:53:28	http://181.79.85.69:6041/i	Online	32-bit elf mips Mozi	geenensp
2026-02-03 10:22:06	http://181.79.85.69:6041/bin.sh	Online	32-bit elf mips Mozi	geenensp
2026-01-23 21:02:22	http://181.79.85.69:9426/i	Offline	32-bit elf Mozi	threatquery
2026-01-01 11:52:18	http://181.79.85.69:7223/i	Offline	32-bit elf mips Mozi	geenensp
2026-01-01 11:24:20	http://181.79.85.69:7223/bin.sh	Offline	32-bit elf mips Mozi	geenensp
2025-11-25 06:47:16	http://181.79.85.69:5030/i	Offline	32-bit elf mips Mozi	geenensp
2025-11-17 03:01:06	http://181.79.85.69/i	Offline	Mozi	threatquery
2025-11-17 03:01:06	http://181.79.85.69/bin.sh	Offline	Mozi	threatquery
2025-11-11 20:12:12	http://181.79.85.69:5504/i	Offline	32-bit elf mips Mozi	geenensp
2025-11-11 20:04:06	http://181.79.85.69:5504/bin.sh	Offline	32-bit elf mips Mozi	geenensp
2025-10-30 13:41:14	http://181.79.85.69:10438/bin.sh	Offline	32-bit elf mips Mozi	geenensp
2025-10-28 17:11:16	http://181.79.85.69:10438/i	Offline	32-bit elf mips Mozi	geenensp
2025-08-26 03:16:34	http://181.79.85.69:9541/i	Offline	32-bit elf mips Mozi	geenensp
2025-08-26 03:16:24	http://181.79.85.69:9541/bin.sh	Offline	32-bit elf mips Mozi	geenensp
2025-08-19 18:44:09	http://181.79.85.69:9877/bin.sh	Offline	32-bit elf mips Mozi	geenensp
2025-07-24 12:39:07	http://181.79.85.69:9082/i	Offline	32-bit elf mips Mozi	geenensp
2025-07-24 12:15:10	http://181.79.85.69:9082/bin.sh	Offline	32-bit elf mips Mozi	geenensp

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2026-02-03 12:09:21	b5cf68c7cb5bb2d21d60bf6654926f61566d95bfd7c9f9e182d032f1da5b4605	elf
2026-02-03 10:22:06	b5cf68c7cb5bb2d21d60bf6654926f61566d95bfd7c9f9e182d032f1da5b4605	elf
2026-01-23 21:02:21	b5cf68c7cb5bb2d21d60bf6654926f61566d95bfd7c9f9e182d032f1da5b4605	elf
2026-01-01 11:52:18	4293c1d8574dc87c58360d6bac3daa182f64f7785c9d41da5e0741d2b1817fc7	elf	Mozi
2026-01-01 11:24:20	4293c1d8574dc87c58360d6bac3daa182f64f7785c9d41da5e0741d2b1817fc7	elf	Mozi
2025-11-25 06:47:16	4293c1d8574dc87c58360d6bac3daa182f64f7785c9d41da5e0741d2b1817fc7	elf	Mozi
2025-11-11 20:12:12	b5cf68c7cb5bb2d21d60bf6654926f61566d95bfd7c9f9e182d032f1da5b4605	elf
2025-11-11 20:04:06	b5cf68c7cb5bb2d21d60bf6654926f61566d95bfd7c9f9e182d032f1da5b4605	elf
2025-10-30 13:41:14	4293c1d8574dc87c58360d6bac3daa182f64f7785c9d41da5e0741d2b1817fc7	elf	Mozi
2025-10-28 17:11:16	4293c1d8574dc87c58360d6bac3daa182f64f7785c9d41da5e0741d2b1817fc7	elf	Mozi
2025-08-26 03:16:34	4293c1d8574dc87c58360d6bac3daa182f64f7785c9d41da5e0741d2b1817fc7	elf	Mozi
2025-08-26 03:16:23	4293c1d8574dc87c58360d6bac3daa182f64f7785c9d41da5e0741d2b1817fc7	elf	Mozi
2025-08-19 18:44:09	4293c1d8574dc87c58360d6bac3daa182f64f7785c9d41da5e0741d2b1817fc7	elf	Mozi
2025-07-24 12:39:07	4293c1d8574dc87c58360d6bac3daa182f64f7785c9d41da5e0741d2b1817fc7	elf	Mozi
2025-07-24 12:15:09	4293c1d8574dc87c58360d6bac3daa182f64f7785c9d41da5e0741d2b1817fc7	elf	Mozi