URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2020-10-24 03:04:10	211.14.236.80	d-211-14-236-080.ftth.katch.ne.jp	Not listed	AS59108 MAINT-JPNIC	JP	yes

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-04-17 08:50:06	http://211.14.236.80:59844/Mozi.m	Offline	elf Mozi	lrz_urlhaus
2022-01-12 00:06:06	http://211.14.236.80:42136/Mozi.m	Offline	elf Mozi	lrz_urlhaus
2022-01-04 01:50:05	http://211.14.236.80:52124/Mozi.m	Offline	elf Mozi	lrz_urlhaus
2021-12-30 17:06:15	http://211.14.236.80:58876/Mozi.m	Offline	elf Mozi	lrz_urlhaus
2021-12-25 09:50:06	http://211.14.236.80:45953/i	Offline	32-bit elf mips Mozi	geenensp
2021-12-25 08:19:05	http://211.14.236.80:45953/bin.sh	Offline	32-bit elf mips Mozi	geenensp
2021-12-21 15:21:10	http://211.14.236.80:55131/Mozi.m	Offline	elf Mozi	lrz_urlhaus
2021-12-20 08:51:12	http://211.14.236.80:44515/Mozi.m	Offline	elf Mozi	lrz_urlhaus
2021-09-13 14:52:05	http://211.14.236.80:35435/Mozi.m	Offline	elf Mozi	lrz_urlhaus
2021-07-27 00:07:17	http://211.14.236.80:58711/Mozi.m	Offline	elf mirai Mozi	lrz_urlhaus
2020-12-04 20:50:06	http://211.14.236.80:48605/Mozi.m	Offline	elf Mozi	lrz_urlhaus
2020-11-19 21:50:06	http://211.14.236.80:46464/Mozi.m	Offline	elf Mozi	lrz_urlhaus
2020-11-07 12:06:09	http://211.14.236.80:49209/Mozi.m	Offline	elf Mozi	lrz_urlhaus
2020-11-06 19:35:05	http://211.14.236.80:56009/Mozi.m	Offline	elf Mozi	lrz_urlhaus
2020-11-01 16:06:05	http://211.14.236.80:45645/Mozi.m	Offline	elf Mozi	lrz_urlhaus
2020-10-30 07:51:06	http://211.14.236.80:51291/Mozi.m	Offline	elf mirai Mozi	lrz_urlhaus
2020-10-28 04:35:05	http://211.14.236.80:37419/Mozi.m	Offline	elf Mozi	lrz_urlhaus
2020-10-24 03:04:10	http://211.14.236.80:51573/Mozi.m	Offline	Mozi	Gandylyan1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2022-04-17 08:50:06	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2022-01-12 00:06:06	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2022-01-04 01:50:05	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2021-12-30 17:06:15	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2021-12-25 09:50:06	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2021-12-25 08:19:05	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2021-12-21 15:21:10	e792df1b95a5bf6ca1ef0a2436026a7252d4692d49b3b32ec49bddf876f040cc	elf
2021-12-20 08:51:12	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2021-09-13 14:52:05	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2021-07-27 00:07:17	9e0a15a4318e3e788bad61398b8a40d4916d63ab27b47f3bdbe329c462193600	elf		Mirai
2020-12-04 20:50:06	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2020-11-19 21:50:06	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2020-11-07 12:25:17	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2020-11-06 19:35:05	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2020-11-01 16:06:05	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2020-10-30 07:51:06	9e0a15a4318e3e788bad61398b8a40d4916d63ab27b47f3bdbe329c462193600	elf		Mirai
2020-10-28 04:35:05	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2020-10-24 03:04:09	cb03a733ede34b0866751ad4267a079716e16e85aa0c12d2c1479c8a0fddb1f4	elf