URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | su.eda1.ru |
|---|---|
| Domain registrar: | RU-CENTER  |
| Domain registration date: | 2007-08-09 20:00:00 UTC |
| Spamhaus DBL : | Not blocked |
| SURBL : | Not blocked |
| Quad9 : | Not blocked |
| AdGuard : | Not blocked |
| Cloudflare : | Blocked |
| ProtonDNS : | Not blocked |
| OpenBLD : | Not blocked |
| DNS4EU : | Blocked |
| Control D HaGeZi : | Not blocked |
| Firstseen: | 2024-01-01 04:01:04 UTC |
| Total malware sites : | 7 |
| Online malware sites : | 0 (0%) |
| Offline Malware sites : | 7 (100%) |
| A record(s) observed : | 7 |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2025-09-14 13:48:15 | 91.188.246.206 | Not listed | AS48399 AS-LINXDATACENTER | RU | yes | |
| 2025-04-27 10:47:02 | 213.189.220.29 | vm-855dd17b.na4u.ru | Not listed | AS44128 INTERNET-PRO-AS | RU | no |
| 2025-07-14 14:44:01 | 5.129.196.110 | Not listed | AS9123 TimeWeb-AS | RU | no | |
| 2025-05-13 23:47:51 | 45.129.128.77 | Not listed | AS9123 TimeWeb-AS | RU | no | |
| 2025-05-12 20:17:13 | 87.242.107.244 | Not listed | AS50340 SELECTEL-MSK | RU | no | |
| 2024-01-01 04:01:15 | 213.189.216.94 | vm-a6e553ae.na4u.ru | Not listed | AS44128 INTERNET-PRO-AS | RU | no |
| 2025-10-30 05:21:14 | 85.193.70.221 | Not listed | AS48399 AS-LINXDATACENTER | RU | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2024-01-01 04:11:09 | http://su.eda1.ru/dist/kkm/kkm_2335.exe | Offline | 32 exe GuLoader  |  zbetcheckin |
| 2024-01-01 04:11:07 | http://su.eda1.ru/dist/kkm/kkm_new.exe | Offline | 32 exe | zbetcheckin |
| 2024-01-01 04:06:12 | http://su.eda1.ru/dist/kkm/kkm_2337.exe | Offline | 32 exe GuLoader | zbetcheckin |
| 2024-01-01 04:06:08 | http://su.eda1.ru/dist/kkm/kkm_2245.exe | Offline | 32 exe | zbetcheckin |
| 2024-01-01 04:06:07 | http://su.eda1.ru/dist/kkm/kkm_2242.exe | Offline | 32 exe | zbetcheckin |
| 2024-01-01 04:06:07 | http://su.eda1.ru/dist/kkm/kkm_fix_old.exe | Offline | 32 exe | zbetcheckin |
| 2024-01-01 04:01:15 | http://su.eda1.ru/dist/kkm/kkm.exe | Offline | 32 exe GuLoader | zbetcheckin |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2024-01-01 04:11:09 | c45e0bc5947ac8141dce8305bf30acec32d2cee46afc64ec8a68cc6488e286fd | exe | GuLoader | |
| 2024-01-01 04:11:07 | 36b82f3db4e4b1da53252cf0f99ecfab17a09b29783e7c9881f48fe5da6645be | exe | ||
| 2024-01-01 04:06:12 | 893e517f08913e1199a8c77dcc77302c7474cfe4f202c956f4d602d38d777b42 | exe | GuLoader | |
| 2024-01-01 04:06:08 | 1f0c96d7ee0d9664c0085394604a9137abc292a52c871f4bc3b5245627961573 | exe | ||
| 2024-01-01 04:06:07 | 0eb49cae715e2f31551ea4afa64045540ed77ab891ba1864660b74af64a16971 | exe | ||
| 2024-01-01 04:06:07 | d2d3341ddcf1ff2a33413e05391689db8b17d1666b37bd4ef8f7ae3d73ef4352 | exe | ||
| 2024-01-01 04:01:15 | 93ef4244ed371d4be51955474c1713769f7973200030d8d7a5c61877236bcb3c | exe | GuLoader |