URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry


Host: 36.49.65.2
Firstseen: 2025-01-23 22:34:02 UTC
Total malware sites: 22
Online malware sites: 0 (0%)
Offline malware sites: 22 (100%)

IP addresses


The table below shows all IP addresses observed for this particular host (in case the host is a domain name, all A records will be listed, including all historical ones). Please note that the output is limited to 10 entries.

Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active?
2025-01-23 22:34:04 | 36.49.65.2 | | Not listed | AS4134 CHINANET-BACKBONE | CN | yes

Malware URLs


The table below shows all malware URLs that are associated with this particular host.


The table below shows recent payloads delivered by this host.
