URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry


Host: 61.52.11.87
Firstseen: 2020-09-21 17:16:02 UTC
Total malware sites: 15
Online malware sites: 0 (0%)
Offline malware sites: 15 (100%)

IP addresses


The table below shows all IP addresses observed for this particular host (in case the host is a domain name, all A records will be listed, including all historical ones). Please note that the output is limited to 10 entries.

| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2020-09-21 17:16:05 | 61.52.11.87 | hn.kd.dhcp | Not listed | AS4837 CHINA169-Backbone | CN | yes |

Malware URLs


The table below shows all malware URLs that are associated with this particular host.

| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2021-05-01 16:28:18 | http://61.52.11.87:43610/i | Offline | | geenensp |
| 2021-05-01 16:05:16 | http://61.52.11.87:43610/bin.sh | Offline | | geenensp |
| 2021-04-19 07:41:08 | http://61.52.11.87:43610/Mozi.m | Offline | elf Mozi ext | lrz_urlhaus |
| 2021-04-15 22:54:06 | http://61.52.11.87:43610/Mozi.a | Offline | elf Mozi ext | lrz_urlhaus |
| 2021-03-21 01:20:06 | http://61.52.11.87:51728/Mozi.m | Offline | elf Mozi ext | lrz_urlhaus |
| 2021-01-27 11:20:07 | http://61.52.11.87:59450/Mozi.m | Offline | elf Mozi ext | lrz_urlhaus |
| 2021-01-16 04:08:04 | http://61.52.11.87:40655/Mozi.m | Offline | elf Mozi ext | lrz_urlhaus |
| 2020-11-24 19:11:04 | http://61.52.11.87:51338/i | Offline | 32-bit elf mips | geenensp |
| 2020-11-24 18:57:04 | http://61.52.11.87:51338/bin.sh | Offline | 32-bit elf mips | geenensp |
| 2020-11-24 09:36:04 | http://61.52.11.87:51338/Mozi.m | Offline | elf Mozi ext | lrz_urlhaus |
| 2020-11-10 07:52:51 | http://61.52.11.87:42840/bin.sh | Offline | 32-bit elf mips | geenensp |
| 2020-10-13 21:21:05 | http://61.52.11.87:42840/Mozi.m | Offline | elf Mozi ext | lrz_urlhaus |
| 2020-10-10 05:07:05 | http://61.52.11.87:50797/Mozi.m | Offline | elf Mozi ext | lrz_urlhaus |
| 2020-09-29 18:08:07 | http://61.52.11.87:59768/Mozi.a | Offline | elf Mozi ext | lrz_urlhaus |
| 2020-09-21 17:16:05 | http://61.52.11.87:59768/Mozi.m | Offline | elf Mozi ext | lrz_urlhaus |

The table below shows recent payloads delivered by this host.
