URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	72.29.46.195
Firstseen:	2023-06-08 09:21:03 UTC
Total malware sites :	16
Online malware sites :	2 (13%)
Offline Malware sites :	14 (88%)
Newest active malware site :	2025-11-23 01:44:16 UTC
Oldest active malware site :	2025-11-22 21:44:18 UTC (Age: 4 days, 20 hours, 52 minutes)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2023-06-08 09:21:28	72.29.46.195	dsl-72-29-46-195.potc.net	Not listed	AS395107 RTI	US	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2025-11-23 01:44:16	http://72.29.46.195:60189/bin.sh	Online	32-bit elf mips Mozi	geenensp
2025-11-22 21:44:18	http://72.29.46.195:60189/i	Online	32-bit elf mips Mozi	geenensp
2025-10-27 15:01:14	http://72.29.46.195:49318/i	Offline	32-bit elf Mozi	threatquery
2025-09-05 04:55:21	http://72.29.46.195:60944/i	Offline	32-bit elf mips Mozi	geenensp
2025-09-05 04:31:07	http://72.29.46.195:60944/bin.sh	Offline	32-bit elf mips Mozi	geenensp
2025-08-08 18:59:08	http://72.29.46.195:36681/i	Offline	32-bit elf mips Mozi	geenensp
2025-08-07 03:51:07	http://72.29.46.195:36681/bin.sh	Offline	32-bit elf mips Mozi	geenensp
2025-04-30 04:26:13	http://72.29.46.195:33411/i	Offline	32-bit elf mips Mozi	geenensp
2025-04-29 22:29:11	http://72.29.46.195:33411/bin.sh	Offline	32-bit elf mips Mozi	geenensp
2025-04-14 22:14:05	http://72.29.46.195:47587/i	Offline	32-bit elf mips Mozi	geenensp
2025-04-14 18:50:06	http://72.29.46.195:47587/bin.sh	Offline	32-bit elf mips Mozi	geenensp
2025-02-06 09:57:05	http://72.29.46.195:48817/i	Offline	32-bit elf mips Mozi	geenensp
2025-02-05 09:54:05	http://72.29.46.195:48817/bin.sh	Offline	32-bit elf mips Mozi	geenensp
2025-02-04 06:36:06	http://72.29.46.195:33778/i	Offline	32-bit elf mips Mozi	geenensp
2024-04-04 21:17:08	http://72.29.46.195:36782/i	Offline	32-bit elf mips Mozi	geenensp
2023-06-08 09:21:28	http://72.29.46.195:54802/Mozi.m	Offline	elf Mozi	lrz_urlhaus

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2025-11-23 01:44:16	2e4506802aedea2e6d53910dfb296323be6620ac08c4b799a879eace5923a7b6	elf
2025-11-22 21:44:18	2e4506802aedea2e6d53910dfb296323be6620ac08c4b799a879eace5923a7b6	elf
2025-10-27 15:01:14	4293c1d8574dc87c58360d6bac3daa182f64f7785c9d41da5e0741d2b1817fc7	elf	Mozi
2025-09-05 04:55:21	4293c1d8574dc87c58360d6bac3daa182f64f7785c9d41da5e0741d2b1817fc7	elf	Mozi
2025-09-05 04:31:07	4293c1d8574dc87c58360d6bac3daa182f64f7785c9d41da5e0741d2b1817fc7	elf	Mozi
2025-08-08 18:59:08	4293c1d8574dc87c58360d6bac3daa182f64f7785c9d41da5e0741d2b1817fc7	elf	Mozi
2025-08-07 03:51:07	4293c1d8574dc87c58360d6bac3daa182f64f7785c9d41da5e0741d2b1817fc7	elf	Mozi
2025-04-30 04:26:13	4293c1d8574dc87c58360d6bac3daa182f64f7785c9d41da5e0741d2b1817fc7	elf	Mozi
2025-04-29 22:29:11	4293c1d8574dc87c58360d6bac3daa182f64f7785c9d41da5e0741d2b1817fc7	elf	Mozi
2025-04-14 22:14:05	4293c1d8574dc87c58360d6bac3daa182f64f7785c9d41da5e0741d2b1817fc7	elf	Mozi
2025-04-14 18:50:06	4293c1d8574dc87c58360d6bac3daa182f64f7785c9d41da5e0741d2b1817fc7	elf	Mozi
2025-02-06 09:57:05	4293c1d8574dc87c58360d6bac3daa182f64f7785c9d41da5e0741d2b1817fc7	elf	Mozi
2025-02-05 09:54:05	4293c1d8574dc87c58360d6bac3daa182f64f7785c9d41da5e0741d2b1817fc7	elf	Mozi
2025-02-04 06:36:06	4293c1d8574dc87c58360d6bac3daa182f64f7785c9d41da5e0741d2b1817fc7	elf	Mozi
2024-04-04 21:17:08	4293c1d8574dc87c58360d6bac3daa182f64f7785c9d41da5e0741d2b1817fc7	elf	Mozi
2023-06-08 09:21:22	4293c1d8574dc87c58360d6bac3daa182f64f7785c9d41da5e0741d2b1817fc7	elf	Mozi