URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	kanhafuncity.com
Domain registrar:	GoDaddy
Domain registration date:	2009-03-02 07:37:44 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2022-01-20 21:33:03 UTC
Total malware sites :	2
Online malware sites :	0 (0%)
Offline Malware sites :	2 (100%)
A record(s) observed :	3

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-04-27 17:25:57	3.108.150.171	ec2-3-108-150-171.ap-south-1.compute.amazonaws.com	Not listed	AS16509 AMAZON-02	IN	yes
2022-03-24 19:46:03	3.111.106.118	ec2-3-111-106-118.ap-south-1.compute.amazonaws.com	Not listed	AS16509 AMAZON-02	IN	no
2022-01-20 21:33:05	34.93.157.87	87.157.93.34.bc.googleusercontent.com	Not listed	AS396982 GOOGLE-CLOUD-PLATFORM	IN	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-01-20 21:33:05	http://kanhafuncity.com/Fox-C404/iKiX9w2MLkrGpg...	Offline	doc emotet epoch4 heodo SilentBuilder	Cryptolaemus1
2022-01-20 21:33:05	http://kanhafuncity.com/Fox-C404/iKiX9w2MLkrGpg...	Offline	emotet epoch4 redir-doc xls	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2022-01-21 07:22:36	6407591df6ce61f946e24715faa6fba1b1f3221e2baf22f6c4f5a64f1ea98eb5	xls		Heodo
2022-01-21 07:02:31	3ca3bcd5771a06938cc8e8c44cd2c85b794376401b469fad7e5d4b513449fa27	xls		Heodo
2022-01-21 06:46:52	e59173f043483afd41faf0edf28ff91047d48ddbcabe29efe43bbc7d238c9861	xls		Heodo
2022-01-21 06:36:50	5a6ae409ad46c453172d047a1b1d7685cbdcc317653d90c6a968509d1c2229b6	xls		Heodo
2022-01-21 06:18:30	f35abc3dbc3faa333da128234f2b7778969e1ea5f8ef088498cc8ecf325f8a9c	xls		SilentBuilder
2022-01-21 05:58:34	fc79dd33ef2208cbe871b54938ff2ad295a34cb9a720e4995853dfed5761db18	xls		SilentBuilder
2022-01-21 05:42:14	29111d8e5e8306e76660db292e7232ab39e901955014eede21e912c931a09b5f	xls		Heodo
2022-01-21 05:37:24	fd83649a426e706a363449d7dcb503e4bf5b59cc3ab5d5a346e4ed308ec2e2f3	xls		Heodo
2022-01-21 00:04:33	531278b90b12ac32bc7671c1f2a52ccc15afe992249b5dda28ae98885b954c99	xls		Heodo
2022-01-20 23:29:25	39123bd1932920eca6749593bee628c405f8bb88114d8647a5d9db8b5914f46c	xls		Heodo
2022-01-20 23:17:06	79ab6a611483efd4c9e4394ac5c6a91c458857820c4c4b9bdecf0cab92acf8f2	xls		Heodo
2022-01-20 23:02:23	1aa1e797bd106f28bc73e4a09bd4d3eb7a13943ef42f06bda76c41fbca54d0be	xls		Heodo
2022-01-20 22:46:59	a72795a18fa2b90928f307e227b1f1a57590672870b3acc9e8cb0eb4d38bdbff	xls		Heodo
2022-01-20 22:35:56	b069423ac3753a4878bd652c9c55362c541db7529bd0b294ddc47bb7c6475946	xls		Heodo
2022-01-20 22:24:18	8a39d34f5c3133db2f6137b02545e312f05bbdabceda4bd830948380fa4c98c7	xls		Heodo
2022-01-20 21:57:42	3b63534dcaf71bdf8293d2a3ce3310a02d2eda37deac68d5ccbdc89cfbc8f408	xls		Heodo
2022-01-20 21:45:49	245057c2c16d698dc5399ecd43ca39f9e0b35885a19cc42cd2650eb8e17d0c00	xls		Heodo
2022-01-20 21:33:05	817f4c96e056390228a3d9ce57239ad521627a3617b13e4043dc99c91569ffcc	xls		Heodo
2022-01-20 21:33:05	e4f780008a017261cd0d776e1114285978ca6930a7b1a7595fbec29c37b41c80	html