URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: kakhun.ru
Spamhaus DBL :Abused domain (malware)
SURBL :Not blocked
Quad9 :Blocked
AdGuard :Blocked
Cloudflare :Blocked
ProtonDNS :Blocked
OpenBLD :Blocked
DNS4EU :Blocked
Control D HaGeZi :Not blocked
Firstseen:2018-06-28 03:54:01 UTC
Total malware sites :4
Online malware sites :2 (50%)
Offline Malware sites :2 (50%)
Newest active malware site :2018-06-28 05:39:30 UTC
Oldest active malware site :2018-06-28 03:54:03 UTC (Age: 7 years, 6 months, 4 days, 19 hours, 49 minutes)
A record(s) observed :4

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2025-04-29 14:58:54 91.106.207.67m2.plank.beget.comNot listedAS198610 BEGET-AS- RUyes
2018-09-29 06:10:57 5.101.152.180m2.nostromo.beget.comNot listedAS198610 BEGET-AS- RUno
2018-07-03 23:21:30 87.236.19.55m2.dock3.beget.comNot listedAS198610 BEGET-AS- RUno
2018-06-28 03:54:03 87.236.19.228Not listedAS198610 BEGET-AS- RUno

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2018-07-02 16:26:52http://kakhun.ru/ACCOUNT/Invoices/Offlinedoc emotet ext heodo ext Anonymous
2018-06-30 06:07:28http://kakhun.ru/Factura-adjuntoOfflineemotet ext heodo ext p5yb34m
2018-06-28 05:39:30http://kakhun.ru/Past-Due-InvoicesOnlineemotet ext heodo ext p5yb34m
2018-06-28 03:54:03http://kakhun.ru/Past-Due-Invoices/Onlinedoc emotet ext epoch1 heodo ext Cryptolaemus1