URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	138.201.154.194
Firstseen:	2025-08-15 21:02:05 UTC
Total malware sites :	18
Online malware sites :	0 (0%)
Offline Malware sites :	18 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-08-15 21:02:14	138.201.154.194	static.194.154.201.138.clients.your-server.de	Not listed	AS24940 HETZNER-AS	DE	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2025-08-16 13:51:21	http://138.201.154.194/systemcl/arc	Offline	elf ua-wget	abuse_ch
2025-08-16 08:19:25	http://138.201.154.194/systemcl/x86_64	Offline	elf geofenced mirai opendir ua-wget USA	botnetkiller
2025-08-16 08:19:24	http://138.201.154.194/systemcl/x86-DEBUG	Offline	elf geofenced mirai opendir ua-wget USA	botnetkiller
2025-08-16 08:19:24	http://138.201.154.194/systemcl/ppc	Offline	elf geofenced mirai opendir ua-wget USA	botnetkiller
2025-08-16 08:19:24	http://138.201.154.194/systemcl/arm5	Offline	elf geofenced mirai opendir ua-wget USA	botnetkiller
2025-08-16 08:19:17	http://138.201.154.194/systemcl/m68k	Offline	elf geofenced mirai opendir ua-wget USA	botnetkiller
2025-08-16 08:19:15	http://138.201.154.194/systemcl/spc	Offline	elf geofenced mirai opendir ua-wget USA	botnetkiller
2025-08-16 08:19:15	http://138.201.154.194/systemcl/arm6	Offline	elf geofenced mirai opendir ua-wget USA	botnetkiller
2025-08-16 08:19:15	http://138.201.154.194/systemcl/arm7	Offline	elf geofenced mirai opendir ua-wget USA	botnetkiller
2025-08-16 08:19:11	http://138.201.154.194/systemcl/mpsl	Offline	elf geofenced mirai opendir ua-wget USA	botnetkiller
2025-08-16 08:19:11	http://138.201.154.194/systemcl/sh4	Offline	elf geofenced mirai opendir ua-wget USA	botnetkiller
2025-08-15 21:27:12	http://138.201.154.194/wget.sh	Offline	mirai sh ua-wget	BlinkzSec
2025-08-15 21:26:13	http://138.201.154.194/c.sh	Offline	mirai sh ua-wget	BlinkzSec
2025-08-15 21:26:07	http://138.201.154.194/test.sh	Offline	mirai sh ua-wget	BlinkzSec
2025-08-15 21:25:13	http://138.201.154.194/w.sh	Offline	mirai sh ua-wget	BlinkzSec
2025-08-15 21:04:11	http://138.201.154.194/systemcl/arm	Offline	32-bit elf mirai Mozi	threatquery
2025-08-15 21:03:11	http://138.201.154.194/systemcl/x86	Offline	32-bit elf mirai Mozi	threatquery
2025-08-15 21:02:14	http://138.201.154.194/systemcl/mips	Offline	32-bit elf mirai Mozi	threatquery

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2025-08-19 01:51:40	7b4acd4f11779c0b1016957bad0cbc77b90e630177aeff6c60c09f86d7b744a2	sh	Mirai
2025-08-16 13:00:17	b5d5a320320766751e9a1e31bc6ff850196e0c3f0b5baee15eee600b8a3cdae2	elf	Mirai
2025-08-16 08:19:25	47a0fa2b9aa3ebdb48324d5ad43903187a528176193716db81991191b3d3b230	elf	Mirai
2025-08-16 08:19:21	ac768e9ed9afdb7e8075f1324705d5044d20763605e85d6783035142b075f109	elf	Mirai
2025-08-16 08:19:21	abfd19ac36a02a8d3552a65a6e023b7499af427f7ea558cbc5064b8475bd955e	elf	Mirai
2025-08-16 08:19:21	467ca3ecdb388a31f9687f3f93134ae992fbfbe2936cfbd700c3d198b3b65ecb	elf	Mirai
2025-08-16 08:19:17	19abfca0200531ee5ddc2dd7bc4454af84d9ffe0ef2e12cd2a54fc828ebdc659	elf	Mirai
2025-08-16 08:19:15	7a4627901da5e02ceacaf688cc103b4944a3cf75b4f1f4316ee638893eaa4104	elf	Mirai
2025-08-16 08:19:15	1745a1dc09e108e719186017f4d6f10e1835aa4ba3f74b50b8394e3268c66524	elf	Mirai
2025-08-16 08:19:15	2b4e44a8a37c63ce0a2c007bb22d903ae9d13b643b6b556f4d15199926cdd54c	elf	Mirai
2025-08-16 08:19:11	7365564e3fc5bc60caa91eb8b6b87a6d8da423389be87134899fcd0caaeb3242	elf	Mirai
2025-08-15 21:27:12	0d6704f2b8cb547d4ae52ade3409cb9edf35ec282a6b6bbb04f453054efd891a	sh	Mirai
2025-08-15 21:26:13	f7ed84a0db401c71c87c6adfa25b10533238f06747073cc6b0cd7a7db4366744	sh	Mirai
2025-08-15 21:26:07	1c56ffe87500ec00101d008998df9e93bd0f640c1cb9624ef50a5ba0f112e601	sh	Mirai
2025-08-15 21:25:13	ec13c1bea8619a3c214187e05bb0d9443b55cfb6f042447d9f7c35b35b126237	sh	Mirai
2025-08-15 21:04:11	a2812bf91c1836b0749615f8c92f49b055ed1152a0cfcb03cffb4473388ae1f9	elf	Mirai
2025-08-15 21:03:11	2e9b4bb064c078485eab38389da45cfecd1f865d77cd5c199ae3c2fe195daf72	elf	Mirai
2025-08-15 21:02:13	ad42066092b60784e1579fb3742cf3a41450dacc13b254e9c3a0c5b84aaf0db4	elf	Mirai