URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	2.off3.ru
Domain registrar:	RU-CENTER
Domain registration date:	2025-03-13 18:33:35 UTC
Spamhaus DBL :	Abused domain (phishing)
SURBL :	Blocked
Quad9 :	Blocked
AdGuard :	Blocked
Cloudflare :	Blocked
ProtonDNS :	Blocked
OpenBLD :	Blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2025-11-02 16:10:04 UTC
Total malware sites :	1
A record(s) observed :	5

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2026-02-05 08:52:07	151.242.30.226		Not listed	AS214209 INTERNET-MAGNATE	AE	yes
2025-11-03 17:14:04	46.17.41.50		Not listed	AS51659 ASBAXET	RU	no
2025-11-03 17:14:05	94.156.152.139		Not listed	AS214209 INTERNET-MAGNATE	BG	no
2025-11-02 16:10:20	107.189.22.63	63.22.189.107.static.cloudzy.com	Not listed	AS14956 ROUTERHOSTING	NL	no
2025-11-02 16:10:20	45.135.134.90		Not listed	AS51659 ASBAXET	RU	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2025-11-02 16:10:20	http://2.off3.ru	Online	mirai ua-wget	ClearlyNotB

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2026-02-06 13:30:26	3b8413d98d4afaa76c6a33f0e0faf57eada9a99fec9809fca1f6eced2841b87f	elf		Mirai
2025-11-02 16:12:40	1a698a6c4f1c78ea5caeb43b37a8f830f102e90aa66b71c2a8f7b46ad67b2017	elf		Mirai