URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry


Host: elbuzdwine.ru
Domain registrar: RU-CENTER
Domain registration date: 2014-02-10 07:25:53 UTC
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Control D HaGeZi: Not blocked
Firstseen: 2021-12-09 08:39:09 UTC
Total malware sites: 1
A record(s) observed: 18

IP addresses


The table below shows all IP addresses observed for this particular host (in case the host is a domain name, all A records will be listed, including all historical ones). Please note that the output is limited to 10 entries.

| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2025-10-24 00:05:35 | 46.173.27.100 | dukufiru.beget.app | Not listed | AS198610 BEGET-AS | RU | yes |
| 2025-09-18 17:07:59 | 188.114.97.3 | | Not listed | AS13335 CLOUDFLARENET | n/a | no |
| 2025-09-18 17:07:59 | 188.114.96.3 | | Not listed | AS13335 CLOUDFLARENET | n/a | no |
| 2025-09-19 17:04:16 | 104.21.41.219 | | Not listed | AS13335 CLOUDFLARENET | n/a | no |
| 2025-09-19 17:04:16 | 172.67.194.88 | | Not listed | AS13335 CLOUDFLARENET | n/a | no |
| 2025-05-13 07:29:09 | 104.21.16.1 | | Not listed | AS13335 CLOUDFLARENET | n/a | no |
| 2025-05-13 07:29:09 | 104.21.80.1 | | SBL681411 | AS13335 CLOUDFLARENET | n/a | no |
| 2025-05-13 07:29:09 | 104.21.96.1 | | Not listed | AS13335 CLOUDFLARENET | n/a | no |
| 2025-05-13 07:29:09 | 104.21.64.1 | | Not listed | AS13335 CLOUDFLARENET | n/a | no |
| 2025-05-13 07:29:10 | 104.21.48.1 | | Not listed | AS13335 CLOUDFLARENET | n/a | no |

Malware URLs


The table below shows all malware URLs that are associated with this particular host.

| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2021-12-09 08:39:15 | https://elbuzdwine.ru/wp-content/XGSSR8rW/ | Offline | doc emotet ext epoch4 heodo ext | Cryptolaemus1 |

The table below shows recent payloads delivered by this host.
