URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: 138.204.196.136
Firstseen:2025-04-21 08:21:02 UTC
Total malware sites :22
Online malware sites :0 (0%)
Offline Malware sites :22 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2025-04-21 08:21:05 138.204.196.136138-204-196-136.iubtelecom.net.brNot listedAS263904 IUB_Telecom_Ltda- BRyes

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2026-01-20 05:02:07http://138.204.196.136:54674/iOffline32-bit arm elf mirai ext Mozi ext geenensp
2025-12-29 18:52:11http://138.204.196.136:39631/iOffline32-bit arm elf mirai ext Mozi ext geenensp
2025-12-29 18:23:30http://138.204.196.136:39631/bin.shOffline32-bit arm elf mirai ext Mozi ext geenensp
2025-11-05 10:55:09http://138.204.196.136:43399/iOffline32-bit arm elf mirai ext Mozi ext geenensp
2025-11-05 10:28:16http://138.204.196.136:43399/bin.shOffline32-bit arm elf mirai ext Mozi ext geenensp
2025-09-25 16:22:28http://138.204.196.136:49092/iOffline32-bit arm elf mirai ext Mozi ext geenensp
2025-09-25 15:47:20http://138.204.196.136:49092/bin.shOffline32-bit arm elf mirai ext Mozi ext geenensp
2025-09-20 18:28:18http://138.204.196.136:49719/iOffline32-bit arm elf mirai ext Mozi ext geenensp
2025-09-20 18:02:18http://138.204.196.136:49719/bin.shOffline32-bit arm elf mirai ext Mozi ext geenensp
2025-08-16 10:35:14http://138.204.196.136:56055/iOffline32-bit arm elf mirai ext Mozi ext geenensp
2025-08-16 09:42:15http://138.204.196.136:56055/bin.shOffline32-bit arm elf mirai ext Mozi ext geenensp
2025-08-01 10:39:06http://138.204.196.136:42127/iOffline32-bit arm elf mirai ext Mozi ext geenensp
2025-08-01 10:18:07http://138.204.196.136:42127/bin.shOffline32-bit arm elf mirai ext Mozi ext geenensp
2025-07-08 18:06:11http://138.204.196.136:44468/iOffline32-bit arm elf mirai ext Mozi ext geenensp
2025-07-08 15:19:07http://138.204.196.136:44468/bin.shOffline32-bit arm elf mirai ext Mozi ext geenensp
2025-06-30 23:55:07http://138.204.196.136:39621/iOffline32-bit arm elf mirai ext Mozi ext geenensp
2025-06-30 23:23:09http://138.204.196.136:39621/bin.shOffline32-bit arm elf mirai ext Mozi ext geenensp
2025-05-28 22:17:09http://138.204.196.136:37024/iOffline32-bit arm elf mirai ext Mozi ext geenensp
2025-05-28 21:49:05http://138.204.196.136:37024/bin.shOffline32-bit arm elf mirai ext Mozi ext geenensp
2025-05-20 03:03:10http://138.204.196.136:55503/iOffline32-bit arm elf mirai ext Mozi ext geenensp
2025-05-20 02:40:15http://138.204.196.136:55503/bin.shOffline32-bit arm elf mirai ext Mozi ext geenensp
2025-04-21 08:21:05http://138.204.196.136:47990/bin.shOffline32-bit arm elf mirai ext Mozi ext geenensp

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2026-01-20 05:02:0712013662c71da69de977c04cd7021f13a70cf7bed4ca6c82acbc100464d4b0efelfMirai
2025-12-29 18:52:1112013662c71da69de977c04cd7021f13a70cf7bed4ca6c82acbc100464d4b0efelfMirai
2025-12-29 18:23:3012013662c71da69de977c04cd7021f13a70cf7bed4ca6c82acbc100464d4b0efelfMirai
2025-11-05 10:55:0912013662c71da69de977c04cd7021f13a70cf7bed4ca6c82acbc100464d4b0efelfMirai
2025-11-05 10:28:1612013662c71da69de977c04cd7021f13a70cf7bed4ca6c82acbc100464d4b0efelfMirai
2025-09-25 21:50:0512013662c71da69de977c04cd7021f13a70cf7bed4ca6c82acbc100464d4b0efelfMirai
2025-09-25 16:22:2812013662c71da69de977c04cd7021f13a70cf7bed4ca6c82acbc100464d4b0efelfMirai
2025-09-20 18:28:1812013662c71da69de977c04cd7021f13a70cf7bed4ca6c82acbc100464d4b0efelfMirai
2025-09-20 18:02:1812013662c71da69de977c04cd7021f13a70cf7bed4ca6c82acbc100464d4b0efelfMirai
2025-08-16 10:35:1412013662c71da69de977c04cd7021f13a70cf7bed4ca6c82acbc100464d4b0efelfMirai
2025-08-16 09:42:1512013662c71da69de977c04cd7021f13a70cf7bed4ca6c82acbc100464d4b0efelfMirai
2025-08-01 10:39:0612013662c71da69de977c04cd7021f13a70cf7bed4ca6c82acbc100464d4b0efelfMirai
2025-08-01 10:18:0712013662c71da69de977c04cd7021f13a70cf7bed4ca6c82acbc100464d4b0efelfMirai
2025-07-08 18:06:1112013662c71da69de977c04cd7021f13a70cf7bed4ca6c82acbc100464d4b0efelfMirai
2025-07-08 15:19:0712013662c71da69de977c04cd7021f13a70cf7bed4ca6c82acbc100464d4b0efelfMirai
2025-06-30 23:55:0612013662c71da69de977c04cd7021f13a70cf7bed4ca6c82acbc100464d4b0efelfMirai
2025-06-30 23:23:0912013662c71da69de977c04cd7021f13a70cf7bed4ca6c82acbc100464d4b0efelfMirai
2025-05-28 22:17:0912013662c71da69de977c04cd7021f13a70cf7bed4ca6c82acbc100464d4b0efelfMirai
2025-05-28 21:49:0512013662c71da69de977c04cd7021f13a70cf7bed4ca6c82acbc100464d4b0efelfMirai
2025-05-20 03:03:1012013662c71da69de977c04cd7021f13a70cf7bed4ca6c82acbc100464d4b0efelfMirai
2025-05-20 02:40:1512013662c71da69de977c04cd7021f13a70cf7bed4ca6c82acbc100464d4b0efelfMirai
2025-04-21 08:21:0512013662c71da69de977c04cd7021f13a70cf7bed4ca6c82acbc100464d4b0efelfMirai