URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: 196.251.73.215
Firstseen:2025-08-22 08:19:05 UTC
Total malware sites :17
Online malware sites :0 (0%)
Offline Malware sites :17 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2025-08-23 06:07:07http://196.251.73.215/1.shOfflinemirai ext script geenensp
2025-08-22 09:35:17http://196.251.73.215/00101010101001/debugOfflineelf mirai ext ua-wget BlinkzSec
2025-08-22 08:20:15http://196.251.73.215/00101010101001/morte.arcOfflineelf mirai ext ua-wget abuse_ch
2025-08-22 08:20:15http://196.251.73.215/00101010101001/morte.armOfflineelf mirai ext ua-wget abuse_ch
2025-08-22 08:20:13http://196.251.73.215/00101010101001/morte.arm5Offlineelf mirai ext ua-wget abuse_ch
2025-08-22 08:19:33http://196.251.73.215/00101010101001/morte.x86_64Offlineelf mirai ext ua-wget abuse_ch
2025-08-22 08:19:33http://196.251.73.215/00101010101001/morte.ppcOfflineelf mirai ext ua-wget abuse_ch
2025-08-22 08:19:25http://196.251.73.215/00101010101001/morte.m68kOfflineelf mirai ext ua-wget abuse_ch
2025-08-22 08:19:23http://196.251.73.215/00101010101001/morte.i468Offlineelf ua-wget abuse_ch
2025-08-22 08:19:22http://196.251.73.215/00101010101001/morte.i686Offlineelf mirai ext ua-wget abuse_ch
2025-08-22 08:19:22http://196.251.73.215/00101010101001/morte.arm7Offlineelf mirai ext ua-wget abuse_ch
2025-08-22 08:19:22http://196.251.73.215/00101010101001/morte.x86Offlineelf mirai ext ua-wget abuse_ch
2025-08-22 08:19:22http://196.251.73.215/00101010101001/morte.spcOfflineelf mirai ext ua-wget abuse_ch
2025-08-22 08:19:22http://196.251.73.215/00101010101001/morte.sh4Offlineelf mirai ext ua-wget abuse_ch
2025-08-22 08:19:22http://196.251.73.215/00101010101001/morte.mipsOfflineelf mirai ext ua-wget abuse_ch
2025-08-22 08:19:20http://196.251.73.215/00101010101001/morte.arm6Offlineelf mirai ext ua-wget abuse_ch
2025-08-22 08:19:20http://196.251.73.215/00101010101001/morte.mpslOfflineelf mirai ext ua-wget abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2025-08-23 06:07:073d2acd9571f1e62e42aaf6d34a320d96eb07a1d4b16cce9dc74885aeb0b03f4fshMirai
2025-08-22 09:35:17bedef16a966813f5ad09e764acb5021db4197138fc67e125adc5dccbebf78f36elfMirai
2025-08-22 08:20:15537bf941eb034d76632909f39a03d5e018f433c09be32d7bd6c4b9d89d1fe764elfMirai
2025-08-22 08:20:1508516780febe4d87e6104cd34e313ec0542dfd6ab0e51022f0d4e00e2a533c20elfMirai
2025-08-22 08:20:134b8a0d8113d0f2d71abc0fef204c1a05d3144c59e727666e519283489693f116elfMirai
2025-08-22 08:19:33e656926beee61ada6d06880d8b23a47941231d04c90683fe9ea2edb12980b71felfMirai
2025-08-22 08:19:3362a70e26cea6c21fcaf3750479ba6222e1a655b26f05978bdd04ea221722f0e7elfMirai
2025-08-22 08:19:257de8085dd54c5ea46dda7f42c2c4da30088dc43e27e46f40defa96f23f5a2a52elfMirai
2025-08-22 08:19:22dd1b6595a3a898630f14f8a55a695c2e501cbeb3c909bff9ceb29537c2127ab4elfMirai
2025-08-22 08:19:22c2bc223a2d9c0716ae88f1f3c197342982753679782d2bf685eb0b0098fb3191elfMirai
2025-08-22 08:19:226622164c76b52290e0fedd1eea0ce0940188f8ac40db272eb0627ace7628b3feelfMirai
2025-08-22 08:19:22e8099bae8e84278b060f8651d0f601d2e3de08797024a0a13dba0138b3095b43elfMirai
2025-08-22 08:19:227530228f8f2c854bd6b3a5b1c6eba9f554bc37f69d195fb0355eabdbfa790f26elfMirai
2025-08-22 08:19:22f036a7842232a000fd0a07d87feddd0d7b8b54b3d32f7d92a2addcca2d563548elfMirai
2025-08-22 08:19:2009b59c56685eec32cb847b6596ffd452c2ecc580212d2ef58bbba09f78b67003elfMirai
2025-08-22 08:19:201a62aabc26ace9ee3e99e2dff5a2237f8a1f1e36dfbfcbc2c9bf5f6beb8d00f1elfMirai