URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	211.237.120.13
Firstseen:	2021-01-11 15:34:25 UTC
Total malware sites :	34
Online malware sites :	0 (0%)
Offline Malware sites :	34 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2020-10-17 04:52:10	211.237.120.13		Not listed	AS10036 CNM-AS-KR	KR	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2023-06-23 17:24:07	http://211.237.120.13:3183/i	Offline	32-bit elf mips Mozi	geenensp
2023-06-23 17:02:09	http://211.237.120.13:3183/bin.sh	Offline	32-bit elf mips Mozi	geenensp
2023-06-22 11:20:11	http://211.237.120.13:3183/Mozi.m	Offline	elf Mozi	lrz_urlhaus
2023-06-05 17:20:24	http://211.237.120.13:2985/Mozi.m	Offline	elf Mozi	lrz_urlhaus
2023-05-29 20:19:21	http://211.237.120.13:2985/i	Offline	32-bit elf mips Mozi	geenensp
2023-05-29 20:00:14	http://211.237.120.13:2985/bin.sh	Offline	32-bit elf mips Mozi	geenensp
2023-05-26 11:14:16	http://211.237.120.13:4474/Mozi.m	Offline	elf Mozi	lrz_urlhaus
2023-05-18 22:28:20	http://211.237.120.13:4474/i	Offline	32-bit elf mips Mozi	geenensp
2023-04-27 19:19:20	http://211.237.120.13:4474/bin.sh	Offline	32-bit elf mips Mozi	geenensp
2022-12-08 19:52:06	http://211.237.120.13:2302/Mozi.a	Offline	elf Mozi	lrz_urlhaus
2022-08-28 11:43:05	http://211.237.120.13:2302/i	Offline	32-bit elf mips Mozi	geenensp
2022-08-28 11:16:08	http://211.237.120.13:2302/bin.sh	Offline	32-bit elf mips Mozi	geenensp
2022-08-24 23:35:07	http://211.237.120.13:2302/Mozi.m	Offline	elf Mozi	lrz_urlhaus
2022-08-17 12:04:06	http://211.237.120.13:2555/Mozi.m	Offline	Mozi	Gandylyan1
2022-06-15 00:30:06	http://211.237.120.13:2265/mozi.m	Offline		tammeto
2022-06-04 03:00:07	http://211.237.120.13:2265/i	Offline	32-bit elf mips Mozi	geenensp
2022-06-04 02:30:08	http://211.237.120.13:2265/bin.sh	Offline	32-bit elf mips Mozi	geenensp
2022-05-23 10:21:06	http://211.237.120.13:4434/Mozi.m	Offline	elf Mozi	lrz_urlhaus
2022-05-22 12:34:08	http://211.237.120.13:4434/i	Offline	32-bit elf mips Mozi	geenensp
2022-05-22 12:00:07	http://211.237.120.13:4434/bin.sh	Offline	32-bit elf mips Mozi	geenensp
2022-05-20 22:20:07	http://211.237.120.13:4292/Mozi.m	Offline	elf Mozi	lrz_urlhaus
2022-05-06 03:00:07	http://211.237.120.13:4399/bin.sh	Offline	32-bit elf mips Mozi	geenensp
2022-04-26 15:29:07	http://211.237.120.13:4399/i	Offline	32-bit elf mips Mozi	geenensp
2022-04-25 02:20:06	http://211.237.120.13:4399/Mozi.a	Offline	elf Mozi	lrz_urlhaus
2022-04-08 19:51:08	http://211.237.120.13:4399/Mozi.m	Offline	elf Mozi	lrz_urlhaus
2020-12-21 04:05:06	http://211.237.120.13:2938/Mozi.m	Offline	elf Mozi	lrz_urlhaus
2020-12-10 15:24:05	http://211.237.120.13:2938/i	Offline	32-bit elf mips	geenensp
2020-12-10 15:13:05	http://211.237.120.13:2938/bin.sh	Offline	32-bit elf mips	geenensp
2020-11-07 20:21:06	http://211.237.120.13:2326/Mozi.m	Offline	elf Mozi	lrz_urlhaus
2020-11-02 03:35:07	http://211.237.120.13:2326/i	Offline	32-bit elf mips	geenensp
2020-11-02 03:08:06	http://211.237.120.13:2326/bin.sh	Offline	32-bit elf mips	geenensp
2020-10-23 10:27:05	http://211.237.120.13:4477/i	Offline	32-bit elf mips	geenensp
2020-10-23 09:53:06	http://211.237.120.13:4477/bin.sh	Offline	32-bit elf mips	geenensp
2020-10-17 04:52:10	http://211.237.120.13:4330/Mozi.m	Offline	elf Mozi	lrz_urlhaus

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type
2023-06-23 17:24:06	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2023-06-23 17:02:08	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2023-06-22 11:20:11	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2023-06-05 17:20:24	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2023-05-29 20:19:21	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2023-05-29 20:00:14	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2023-05-26 11:14:16	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2023-05-18 22:28:20	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2023-04-27 19:19:20	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2022-12-08 19:52:06	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2022-08-28 11:43:05	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2022-08-28 11:16:08	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2022-08-24 23:35:07	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2022-08-17 12:04:06	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2022-06-15 00:30:06	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2022-06-04 03:00:07	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2022-06-04 02:30:08	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2022-05-23 10:21:06	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2022-05-22 12:34:08	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2022-05-22 12:00:07	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2022-05-20 22:20:07	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2022-05-06 03:00:07	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2022-04-26 15:29:07	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2022-04-25 02:20:06	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2022-04-08 19:51:08	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2020-12-21 04:05:06	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2020-12-10 15:24:05	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2020-12-10 15:13:05	f6c97b1e2ed02578ca1066c8235ba4f991e645f89012406c639dbccc6582eec8	elf
2020-11-07 20:21:06	798725bcb7292e8b41279521dde20eea17c119e8a37c39dea098091a210f611c	elf
2020-11-02 03:35:07	798725bcb7292e8b41279521dde20eea17c119e8a37c39dea098091a210f611c	elf
2020-11-02 03:08:06	798725bcb7292e8b41279521dde20eea17c119e8a37c39dea098091a210f611c	elf
2020-10-23 10:27:05	798725bcb7292e8b41279521dde20eea17c119e8a37c39dea098091a210f611c	elf
2020-10-23 09:53:06	798725bcb7292e8b41279521dde20eea17c119e8a37c39dea098091a210f611c	elf
2020-10-17 04:52:09	798725bcb7292e8b41279521dde20eea17c119e8a37c39dea098091a210f611c	elf