URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	tool-api.elpix.de
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2019-02-26 09:31:19 UTC
Total malware sites :	2
Online malware sites :	0 (0%)
Offline Malware sites :	2 (100%)
A record(s) observed :	2

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-04-28 06:21:43	87.79.66.31	static-87-79-66-31.netcologne.de	Not listed	AS8422 NETCOLOGNE	DE	yes
2019-02-26 09:31:20	185.27.255.92		Not listed	AS12581 TOPSNET	DE	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2019-02-26 13:59:08	http://tool-api.elpix.de/files/msg.jpg	Offline	exe Troldesh	zbetcheckin
2019-02-26 09:31:20	http://tool-api.elpix.de/files/pik.zip	Offline	RUS Troldesh zipped-JS	Anonymous

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2019-03-11 21:28:16	d90ec97536d204fb27b2804ff5a5e2f62db2e56727b0d871e95548e2f41de41e	exe	Ransomware.Troldesh
2019-03-11 00:36:38	504e6455b92f3b343dc8e67318fe98b75e3d07d968f1ef43a81cdf1abc370527	exe	Ransomware.Troldesh
2019-03-06 23:52:33	2710580e6191bfdd72494a6e00548c6a697ad2f88bccc3cc73fc1100b4e60782	exe	Ransomware.Troldesh
2019-03-05 13:48:51	388e56393ae6b4d2ad4c434721060000f6782c412aea274f3465757a114efe04	exe	Ransomware.Troldesh
2019-03-05 10:42:28	4d2b8abe7b2d79eb3cd44171a73a645d2d2370d64e51734208b7ef261b8e21ce	exe	Ransomware.Troldesh
2019-03-04 23:52:31	400295a3f7672579a747ee9d78dd601e023d1d5fffef4358d1473b82eac6cd92	exe	Ransomware.Troldesh
2019-03-04 20:14:41	70bedd8eddd7b0a1d49fdfe8ab46e1f95b3d62c54432b29c9ed7a6f03884902a	exe	Ransomware.Troldesh
2019-03-04 12:36:34	df4a138c802d091e14fa70817b569b2c9a242350f89adabc5677cc605bd342c5	exe	Ransomware.Troldesh
2019-03-04 06:59:43	a1271c366e91dbc3a7f0d6b4b2c1873019056786219c14ad12185ad115771632	exe	Ransomware.Troldesh
2019-03-04 00:20:19	9fd117a49c72a3a351a8ebdb81b4a4d112884fc2fcf2506910c3e353f4237f8d	exe	Ransomware.Troldesh
2019-02-27 11:04:49	8b6eece0776e2704a9f4b599556803bc734f7c57632940968de7c1e5f5404890	zip
2019-02-27 10:33:04	4406c6cd36fecfe22ed6f0afa6fa9e201acd6194ed21ad7093bc9b13f2071887	zip
2019-02-27 10:04:32	e0001bba0b4af63106a3c493a7ba2cf94539ba87b70182d3003db8928f860266	zip
2019-02-26 13:59:08	701d3db21920f78b8ed2eb6b4286f858277928f50d567c9c6594bd1971e9c07e	exe	Ransomware.Troldesh
2019-02-26 12:02:06	c6e73a0864c84c876474f082875bfe3a4fc1ae0fea1525d6b15e7caa50a9e74e	zip
2019-02-26 11:00:19	bd2dd9c058c8183ed03dae29975a7cb58fa0c4a6530ba4d8883fc53c85de495f	zip
2019-02-26 10:29:07	5aff826091c3e74598da176b8c9c7a02c30eb58bf0bdfc76e5ea35d242b1c5b3	zip
2019-02-26 10:00:08	35aedce18fcdd2f341552df86f540b53b38248ef02814fa870fd1ec65fc11a88	zip
2019-02-26 09:31:19	b17063925e5278a0746f6d82ea43d19ad5ec46d5f3602bc11861cd59a6ab677f	zip