URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: 154.53.37.227
Firstseen:2026-04-07 06:43:04 UTC
Total malware sites :17
Online malware sites :0 (0%)
Offline Malware sites :17 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2026-04-07 06:43:06 154.53.37.227vmi912201.contaboserver.netNot listedAS40021 CONTABO-40021- USyes

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2026-04-07 11:20:23http://154.53.37.227/windyloveyou/windy.i468Offlineelf ua-wget abuse_ch
2026-04-07 10:16:16http://154.53.37.227/windyloveyou/debugOffline154-53-37-227 elf mirai ext ua-wget BlinkzSec
2026-04-07 06:44:10http://154.53.37.227/windyloveyou/windy.arm5Offlinemirai ext adliwahid
2026-04-07 06:44:10http://154.53.37.227/windyloveyou/windy.arcOfflinemirai ext adliwahid
2026-04-07 06:44:10http://154.53.37.227/windyloveyou/windy.i686Offlinemirai ext adliwahid
2026-04-07 06:44:10http://154.53.37.227/windyloveyou/windy.arm7Offlinemirai ext adliwahid
2026-04-07 06:44:10http://154.53.37.227/windyloveyou/windy.mipsOfflinemirai ext adliwahid
2026-04-07 06:44:10http://154.53.37.227/windyloveyou/windy.m68kOfflinemirai ext adliwahid
2026-04-07 06:44:09http://154.53.37.227/windyloveyou/windy.armOfflinemirai ext adliwahid
2026-04-07 06:44:09http://154.53.37.227/windyloveyou/windy.x86Offlinemirai ext adliwahid
2026-04-07 06:44:09http://154.53.37.227/windyloveyou/windy.ppcOfflinemirai ext adliwahid
2026-04-07 06:44:09http://154.53.37.227/windyloveyou/windy.arm6Offlinemirai ext adliwahid
2026-04-07 06:44:09http://154.53.37.227/windyloveyou/windy.sh4Offlinemirai ext adliwahid
2026-04-07 06:44:08http://154.53.37.227/windyloveyou/windy.mpslOfflinemirai ext adliwahid
2026-04-07 06:44:08http://154.53.37.227/1.shOfflinemirai ext adliwahid
2026-04-07 06:43:06http://154.53.37.227/windyloveyou/windy.x86_64Offlinemirai ext adliwahid
2026-04-07 06:43:06http://154.53.37.227/windyloveyou/windy.spcOfflinemirai ext adliwahid

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2026-04-07 10:16:1698b443372c7329d0f7dc8e00e8b4aa22d591c09fc7ef90d453aab1a0f3162b53elfMirai
2026-04-07 06:44:10ba7fdb4560a4f0e332d2ae4376e52e805d2e3bf71432fa3fefd12a5d30d40978elfMirai
2026-04-07 06:44:10d6cfabe9c8614ce0a338a3bca5859bb396f24a290da768e974c5b8482c6591b6elfMirai
2026-04-07 06:44:109b63ebef7f6ad31bc9bbcb7ced55570fa1547d8690eeb3e55bac95b7a4e6c784elfMirai
2026-04-07 06:44:102baaa3d0f641a498a55717aedce89f7124497831eca797738ea599ae6a1e9944elfMirai
2026-04-07 06:44:104ca1ee4c0acfce6e7044a9607312116c36cf1e3df57c396b5b6d8b23235c357celfMirai
2026-04-07 06:44:10dccb78ecfde0c12a10f1593fde4766ef7585759b5f02ec1419f2c2d094610e16elfMirai
2026-04-07 06:44:0923281be23caaca8a875aa064623e8c17dcaa0599e3f57a80e54a73b664ad322eelfMirai
2026-04-07 06:44:09d78c0d7586c249e915dd01c1c9f3636d7318f16c66e650ce53b3e86286947770elfMirai
2026-04-07 06:44:09016fdd1497c7ede367e3f004ca8bdc379e4542c0cdd808fa4555aedf2cb18106elfMirai
2026-04-07 06:44:0819f33c08065cad6e4ad86e518c391d1d9469c623d30a9bbd5f39269c7983ff79shMirai
2026-04-07 06:44:0879ad367f9583e51c6ef06ef3d4ab9e0bce19b39813886e86b1fe6a00b4b7b12eelfMirai
2026-04-07 06:44:0835206386f51d3be9d253a67e40c65cc93b604f91f0fcdaeb37470a027f3517d0elfMirai
2026-04-07 06:44:08245e01086d02c587005e16c0445aec64a3b6d679f36592b7f0ca2c04c1e6dcf1elfMirai
2026-04-07 06:43:06bb8dd16fffb5f78d3e8919df1b020fe413c2e9fadb5a573a78a33bce32f1bb21elfMirai
2026-04-07 06:43:06881c1149eccd4873c708162c1fd8c4aaefce5969dbc52f5d2468d62745fb2011elfMirai