URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | 45.153.34.54 |
|---|---|
| Firstseen: | 2025-08-17 07:39:04 UTC |
| Total malware sites : | 11 |
| Online malware sites : | 0 (0%) |
| Offline Malware sites : | 11 (100%) |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2025-08-17 07:39:19 | 45.153.34.54 | hosted-by.vmheaven.io | SBL679667 | AS51396 PFCLOUD |  NL | yes |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2025-08-18 08:40:51 | http://45.153.34.54/.udevmon | Offline | elf mirai  ua-wget |  abuse_ch |
| 2025-08-18 08:40:51 | http://45.153.34.54/.netd | Offline | elf mirai ua-wget | abuse_ch |
| 2025-08-18 08:40:51 | http://45.153.34.54/.kthreadd | Offline | elf mirai ua-wget | abuse_ch |
| 2025-08-18 08:40:50 | http://45.153.34.54/.ksysd | Offline | elf mirai ua-wget | abuse_ch |
| 2025-08-18 08:40:46 | http://45.153.34.54/.syncd | Offline | elf mirai ua-wget | abuse_ch |
| 2025-08-18 08:40:46 | http://45.153.34.54/.upstart | Offline | elf mirai ua-wget | abuse_ch |
| 2025-08-18 08:40:46 | http://45.153.34.54/.rsysl | Offline | elf mirai ua-wget | abuse_ch |
| 2025-08-18 08:40:45 | http://45.153.34.54/.klogd | Offline | elf mirai ua-wget | abuse_ch |
| 2025-08-18 08:40:45 | http://45.153.34.54/.irqphual | Offline | elf ua-wget | abuse_ch |
| 2025-08-18 08:40:45 | http://45.153.34.54/.modprophue | Offline | elf ua-wget | abuse_ch |
| 2025-08-17 07:39:19 | http://45.153.34.54/sh.sh | Offline | mirai script |  geenensp |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2025-08-18 08:40:51 | 5666457906e77e9b2093eb45926d31d7492e13917c4a77e834d20ebe1c8e05ab | elf | Mirai | |
| 2025-08-18 08:40:51 | 2c3dfa2cfc986c258bde3109b2d6810795405f08f8bf4077d891cf84b81ffb7b | elf | Mirai | |
| 2025-08-18 08:40:51 | eec4325549cb7bd3893de5911826d45ee53146dc6b046df9fbdd2d057a93a69a | elf | Mirai | |
| 2025-08-18 08:40:50 | ce3856890d8e6742373483cbe3f91f43d2ffe46d9cfb477ec2ba527cbfe757f3 | elf | Mirai | |
| 2025-08-18 08:40:46 | 7f4576f600964cf6db8967142a39f458104122913f724a9c7d63d1fd6e7a93c4 | elf | Mirai | |
| 2025-08-18 08:40:46 | 764ee0c4752eb4edd4614d9778a2cc86380e51ef4ae18ed9ac9370985e50e968 | elf | Mirai | |
| 2025-08-18 08:40:46 | e0d449333f59991c357fd63845a63e93bee601a41c179080be1a16a3e81eb963 | elf | Mirai | |
| 2025-08-18 08:40:45 | 789833dba9d740b8b32b7ed37b913909b45ebbfde8b6d2785fcf211e7f202b8a | elf | Mirai | |
| 2025-08-17 19:19:04 | caf58623fa44a2e4388569c63bb627b67fb7996e3f0cc0b2a2ced4688c6d0379 | sh | Mirai |