URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	els-desnogorsk.ru
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2020-10-16 20:42:03 UTC
Total malware sites :	1
A record(s) observed :	3

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-07-11 08:24:30	185.26.122.4	serv4-26.hostland.ru	Not listed	AS62082 HOSTLAND	RU	no
2020-10-22 12:00:15	185.26.122.51	serv51-26.hostland.ru	Not listed	AS62082 HOSTLAND	RU	no
2020-10-16 20:42:04	185.26.122.46	serv46-26.hostland.ru	Not listed	AS62082 HOSTLAND	RU	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2020-10-16 20:42:04	http://els-desnogorsk.ru/blogs/invoice/cr627t5/	Offline	doc emotet epoch2 heodo	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2020-10-17 02:46:47	d19c1e922354570a8700f8dc25900a7c8ae4bee4b08908a4c6cad2309eff1ba1	doc	Heodo
2020-10-17 02:34:30	61cf4ff84de3e35dd24e8df00464aa832912b8c378cbffc5da91abc576c809fd	doc	Heodo
2020-10-17 02:08:25	19b133b4ad7b5c3072ca746a89f06864d39ca4c8985ddfb2eeadd125ff5cd7a7	doc	Heodo
2020-10-17 01:28:29	eb06448eea7b0d73132945671275ea572688e13de195a89974d8315900ff8cb7	doc	Heodo
2020-10-17 01:03:41	af4011781c0a2add45a6f72b8d52e5bd7d7381ff28c93e478dede0ff100ff237	doc	Heodo
2020-10-17 00:45:42	72bc6543f22de398e1374caed638e9a1d24ec0b37a5fa9b5ac10ade7559ab839	doc	Heodo
2020-10-17 00:20:51	1f9fcb8ad3585c6cbf7250308fc58ebd7fd913baf350cbd3d7fd8934c9e33e43	doc	Heodo
2020-10-16 23:41:59	3772d83153c2d54a8a3dd72055370d3db69948bf4eafeb69018ce518c7801d05	doc	Heodo
2020-10-16 23:29:33	53467ef76cb2d0f4cc9404439089220dd6d34680c167f2f062307713724ee9bb	doc	Heodo
2020-10-16 23:08:15	bf79372e0c3a2b7a3b0df0f3994621206443404f5c382b8ad5e5c609c6b0e043	doc	Heodo
2020-10-16 22:40:08	6539d2ac4a847b3444866e22b642a335e3d8b92d40031a090fa315aef1af2930	doc	Heodo
2020-10-16 22:15:53	050d172a5e413b5f0a7a68bbbb0684b485f20b0b5f89bf3f9711b0c8e844b723	doc	Heodo
2020-10-16 21:39:39	59330f6abd11ccf8373697955746b598be71ca8c69774640b41ebd9650abb398	doc	Heodo
2020-10-16 21:26:27	8e4239eda8a4993212d0de12a0e6fb748c995f1a89e8fab3417a0140b9f650d8	doc	Heodo
2020-10-16 20:54:24	1c3dd09ac057aa6b432e637992b2d3f2dac3ec4212fbd51771b0bfd7be470110	doc	Heodo
2020-10-16 20:42:04	0592df728f9353ff5f892eba34b3e4a89511bebcf05071738614f9c16c4c640a	doc	Heodo