URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: 196.251.72.149
Firstseen:2025-10-13 05:18:04 UTC
Total malware sites :17
Online malware sites :0 (0%)
Offline Malware sites :17 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2025-10-13 05:34:26http://196.251.72.149/bins/nwfaiehg4ewijfgriehg...Offlineelf geofenced mirai ext opendir ua-wget USA x86 botnetkiller
2025-10-13 05:34:21http://196.251.72.149/bins/nwfaiehg4ewijfgriehg...Offlineelf geofenced mirai ext opendir SuperH ua-wget USA botnetkiller
2025-10-13 05:34:21http://196.251.72.149/bins/nwfaiehg4ewijfgriehg...Offlineelf ua-wget abuse_ch
2025-10-13 05:34:20http://196.251.72.149/1.shOfflinegeofenced mirai ext opendir sh ua-wget USA botnetkiller
2025-10-13 05:34:15http://196.251.72.149/bins/nwfaiehg4ewijfgriehg...Offlineelf mirai ext ua-wget abuse_ch
2025-10-13 05:34:14http://196.251.72.149/bins/nwfaiehg4ewijfgriehg...Offlinearm elf geofenced mirai ext opendir ua-wget USA botnetkiller
2025-10-13 05:34:12http://196.251.72.149/bins/nwfaiehg4ewijfgriehg...Offlinearm elf geofenced mirai ext opendir ua-wget USA botnetkiller
2025-10-13 05:18:15http://196.251.72.149/bins/nwfaiehg4ewijfgriehg...Offlineelf geofenced m68k mirai ext opendir ua-wget USA botnetkiller
2025-10-13 05:18:15http://196.251.72.149/bins/nwfaiehg4ewijfgriehg...Offlinearm elf geofenced mirai ext opendir ua-wget USA botnetkiller
2025-10-13 05:18:15http://196.251.72.149/bins/nwfaiehg4ewijfgriehg...Offlineelf geofenced mirai ext opendir PowerPC ua-wget USA botnetkiller
2025-10-13 05:18:15http://196.251.72.149/bins/nwfaiehg4ewijfgriehg...Offlineelf geofenced mirai ext opendir sparc ua-wget USA botnetkiller
2025-10-13 05:18:15http://196.251.72.149/bins/nwfaiehg4ewijfgriehg...Offlineelf geofenced mips mirai ext opendir ua-wget USA botnetkiller
2025-10-13 05:18:15http://196.251.72.149/bins/debugOfflineelf geofenced mirai ext opendir ua-wget USA x86 botnetkiller
2025-10-13 05:18:15http://196.251.72.149/bins/nwfaiehg4ewijfgriehg...Offlineelf geofenced mirai ext opendir ua-wget USA x86 botnetkiller
2025-10-13 05:18:15http://196.251.72.149/bins/nwfaiehg4ewijfgriehg...Offlineelf geofenced mips mirai ext opendir ua-wget USA botnetkiller
2025-10-13 05:18:14http://196.251.72.149/bins/nwfaiehg4ewijfgriehg...Offlinearc elf geofenced mirai ext opendir ua-wget USA botnetkiller
2025-10-13 05:18:10http://196.251.72.149/bins/nwfaiehg4ewijfgriehg...Offlineelf geofenced mirai ext opendir ua-wget USA x86 botnetkiller

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2025-10-14 21:43:40e480c5556efd90bf1c71eb9a645ad1c7c31b2610f68aec7ac57a28218446484chtml 
2025-10-14 04:27:114a532a6908798015ed84f3658d12fe95810f07e528000514860a2100fd09005celfMirai
2025-10-13 22:50:12f6c6ab098e6e6e673786996e688bd490916b21fbc77a9aafa7e5e8bed9cbe43felf 
2025-10-13 21:44:4414f5afae6cfabb2ccdddcf3a03057d3c3539da9621a2d6a3b1e879dc19479e17elfMirai
2025-10-13 17:09:4743edbdb16def45539b81cf4053f87516c4032549a7c341463f0475909d351bafelfMirai
2025-10-13 16:18:43c8c19604d326a326b1d4c922fa11ea1bdc093699cb34c44a45d9c024a0c3aa81elfMirai
2025-10-13 16:08:2338453474bc49ca72e576d74fe4565f40d434b0fbbfa754ecf3de4bf42e96597felfMirai
2025-10-13 16:03:116a938cb6981ca2bfacc256d6b73ca21eea2963bc2bb62ed133698804b0a0b74delfMirai
2025-10-13 15:29:16e5bdb0b4686906bef39c4f03f1056b0f47945f8edc9e6ec5a5207f5c81d2729belfMirai
2025-10-13 11:55:558a08c19116a537e1212a91a47489256c32f0a72ddafed987eac142c7eeb2f998elfMirai
2025-10-13 11:44:229f8cb3f15f59a5c38c70e03046fadb89449fc13de329b813b92b754110832c4delfMirai
2025-10-13 11:38:28590f87b0cae5f2d9bd58e76b66d9df5b6a230f58edf56545f04241852fff7bfeelfMirai
2025-10-13 11:32:5608093b754e88bafb352c0b38dcd97104d7f34a6f3dbaf37b85f31886371d404eelfMirai
2025-10-13 11:09:3256837963ab6758ee1ffd6735189005083e9de2e56aa8f96a1998473f675a2503elfMirai
2025-10-13 11:09:16ae9a3e7dc4002050dc3c0c8798a66b7210913674a7c6965677d775ac1d6a51d8elfMirai
2025-10-13 10:51:46f41db3a1c7e946fb4fce01fa0db2e756be125a621ff1ce31a289d635230cbc7felfMirai
2025-10-13 10:40:209d26286ca5f6a48616201b47105f25838337bd4149ef3e22f6a642a1fbd4c40belfMirai
2025-10-13 05:34:25d540b03c16119c874f6cf3b129c50ef1e775dcff2a2cae340f066346f41bd701elfMirai
2025-10-13 05:34:2183c44699f208ba16829cd945a185ba3488765ffb4c02db5621bfaf96cff4a505elfMirai
2025-10-13 05:34:207ad677c619791daa0d0c69ffffb20e1dafaa3facaf9071f69ce38745ed5b3657shMirai
2025-10-13 05:34:1502d20dbd0aacfae4e11ee7e0b687dbf021fd01793a1e653f25adaf92508c353eelfMirai
2025-10-13 05:34:13b2c4c343700450797e05be0ac024b847516687730a8b84915e05e023f798e985elfMirai
2025-10-13 05:34:1205b117c6d547b1985acc7c10edd5000fd6066c9b27be97ebc05a6acc1f6b2468elfMirai
2025-10-13 05:18:15c9b1809896dc051d98008a62c93fdbacc05a8993c1607996787ff28114066c6eelfMirai
2025-10-13 05:18:15731fde7ec0fcad4206f932134ffb3a6a291028172e5b0e7d3014179b0976e1a0elfMirai
2025-10-13 05:18:15c5ff7dcb9d097dd9e74cfb244decec581be86d8e344c411718a0d6953ff4c059elfMirai
2025-10-13 05:18:15d650e56b4e42dfe53df497d05b5fd38545330c02ea42351004fa2beb40650d84elfMirai
2025-10-13 05:18:155c61b5bd2242faf6c39a0ca57b5f136b10dad6805633c9f1a366118f5cbbf793elfMirai
2025-10-13 05:18:150350f6c02991e3f61fafb9d6640a337eb2ffeaec9033e56c11442e7cff29684eelfMirai
2025-10-13 05:18:152feb41ba34d15c42a5409c97582400de233e964f7283cb82211ae11ce50f65c1elfMirai
2025-10-13 05:18:141d3bef4d5fc39da2a988e5cb429b2622915252caccaa27a5f92538836e6f7cbfelfMirai
2025-10-13 05:18:14920f4b882c585968562ee43aaf108be9dc06cbe9c81940374fc052fb178132e4elfMirai
2025-10-13 05:18:108ee38c1d023b80712cb074ebcf08b9fadaf38d9bdeda97318beaf07df7a9a971elfMirai