URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | update.bruss.org.ru |
|---|---|
| Spamhaus DBL : | Abused domain (malware) |
| SURBL : | Not blocked |
| Quad9 : | Blocked |
| AdGuard : | Not blocked |
| Cloudflare : | Not blocked |
| ProtonDNS : | Blocked |
| OpenBLD : | Blocked |
| DNS4EU : | Not blocked |
| Control D HaGeZi : | Not blocked |
| Firstseen: | 2019-02-23 23:10:03 UTC |
| Total malware sites : | 2 |
| Online malware sites : | 2 (100%) |
| Offline Malware sites : | 0 (0%) |
| Newest active malware site : | 2019-02-23 23:10:59 UTC |
| Oldest active malware site : | 2019-02-23 23:10:30 UTC (Age: 7 years, 4 months, 9 days, 17 hours, 32 minutes) |
| A record(s) observed : | 6 |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2026-01-15 19:47:01 | 79.164.142.177 | host-79-164-142-177.qwerty.ru | Not listed | AS8615 CNT-AS |  RU | yes |
| 2026-01-15 11:12:40 | 79.164.233.164 | host-79-164-233-164.qwerty.ru | Not listed | AS8615 CNT-AS | RU | no |
| 2026-01-12 18:49:14 | 79.164.139.141 | host-79-164-139-141.qwerty.ru | Not listed | AS8615 CNT-AS | RU | no |
| 2025-04-27 18:03:18 | 79.164.66.163 | host-79-164-66-163.qwerty.ru | Not listed | AS8615 CNT-AS | RU | no |
| 2025-10-07 05:02:10 | 194.226.41.13 | node1.B13.dnstech.ru | Not listed | AS8985 MSK-IX_Services | RU | no |
| 2019-02-23 23:10:30 | 46.4.39.247 | static.247.39.4.46.clients.your-server.de | Not listed | AS24940 HETZNER-AS |  DE | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2019-02-23 23:10:59 | http://update.bruss.org.ru/hl2dm/Hl2dm_Updater.exe | Online | exe LameUpdater payload stage2 trojan UserAgent |  shotgunner101 |
| 2019-02-23 23:10:30 | http://update.bruss.org.ru/hl2dm/Hl2dm%5FUpdate... | Online | exe LameUpdater payload stage2 trojan UserAgent | shotgunner101 |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2025-05-09 04:40:09 | f872472a0f2e7abc6c38e30ee1abfd2384c4be864397ceb92b07120749cd701f | exe | ||
| 2025-05-09 01:11:20 | 94f9eef2a8508c6957d267d54fc51e97abcfc7de905e5b074bd91fc30818a276 | exe | ||
| 2025-05-08 22:29:18 | 222d8cf12b4bfa1922e1f16c7cd824141f6e5527946856bc5896a25a62a9d34c | exe | ||
| 2025-05-08 15:57:48 | 94f9eef2a8508c6957d267d54fc51e97abcfc7de905e5b074bd91fc30818a276 | exe | ||
| 2025-05-08 15:40:04 | 40c72d08c69f171fecd229c6316a2f6475d750905eaa9542aa7a75bd344a601e | exe | ||
| 2019-02-23 23:10:59 | 6da7fadf5d6da929cbb73124accf870c1a4a99b40a38328a0431a0598577f8df | exe | ||
| 2019-02-23 23:10:30 | 6da7fadf5d6da929cbb73124accf870c1a4a99b40a38328a0431a0598577f8df | exe |