URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: 196.251.107.133
Firstseen:2026-03-07 00:02:05 UTC
Total malware sites :11
Online malware sites :10 (91%)
Offline Malware sites :1 (9%)
Newest active malware site :2026-03-07 08:04:22 UTC
Oldest active malware site :2026-03-07 00:02:21 UTC (Age: 29 days, 21 hours, 53 minutes)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2026-03-07 00:02:21 196.251.107.133SBL678968AS214351 FEMOIT- DEyes

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2026-04-05 20:06:16http://196.251.107.133/bins/fak.shOfflineopendir sh ua-wget botnetkiller
2026-03-07 08:04:22http://196.251.107.133/bins/kla.shOnlinemirai ext sh ua-wget BlinkzSec
2026-03-07 00:04:24http://196.251.107.133/bins/parm7Onlineelf mirai ext ua-wget ClearlyNotB
2026-03-07 00:04:24http://196.251.107.133/bins/pmipsOnlineelf mirai ext ua-wget ClearlyNotB
2026-03-07 00:03:17http://196.251.107.133/bins/parm5Onlineelf mirai ext ua-wget ClearlyNotB
2026-03-07 00:03:17http://196.251.107.133/bins/pmpslOnlineelf mirai ext ua-wget ClearlyNotB
2026-03-07 00:03:17http://196.251.107.133/bins/pm68kOnlineelf mirai ext ua-wget ClearlyNotB
2026-03-07 00:02:22http://196.251.107.133/bins/parm6Onlineelf mirai ext ua-wget ClearlyNotB
2026-03-07 00:02:21http://196.251.107.133/bins/psh4Onlineelf mirai ext ua-wget ClearlyNotB
2026-03-07 00:02:21http://196.251.107.133/bins/parmOnlineelf mirai ext ua-wget ClearlyNotB
2026-03-07 00:02:21http://196.251.107.133/bins/px86Onlineelf mirai ext ua-wget ClearlyNotB