URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	malanche.com
Domain registrar:	GoDaddy
Domain registration date:	2004-06-01 02:48:35 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2022-07-31 13:44:03 UTC
Total malware sites :	5
Online malware sites :	0 (0%)
Offline Malware sites :	5 (100%)
A record(s) observed :	3

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-05-09 10:44:47	34.120.137.41	41.137.120.34.bc.googleusercontent.com	Not listed	AS396982 GOOGLE-CLOUD-PLATFORM	US	yes
2025-04-27 10:19:48	198.12.238.243	243.238.12.198.host.secureserver.net	Not listed	AS26496 AS-26496-GO-DADDY-COM-LLC	US	no
2022-07-31 13:44:06	107.180.3.14	14.3.180.107.host.secureserver.net	Not listed	AS26496 AS-26496-GO-DADDY-COM-LLC	US	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-08-01 02:53:10	http://malanche.com/15/data64_4.exe	Offline	32 exe RedLineStealer	zbetcheckin
2022-07-31 19:04:05	http://malanche.com/12/data64_1.exe	Offline	32 exe RedLineStealer	zbetcheckin
2022-07-31 14:50:07	http://malanche.com/10/data64_5.exe	Offline	32 exe	zbetcheckin
2022-07-31 14:50:06	http://malanche.com/10/data64_4.exe	Offline	32 exe RedLineStealer	zbetcheckin
2022-07-31 13:44:06	http://malanche.com/10/data64_1.exe	Offline	exe RedLineStealer	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2022-08-02 11:30:16	16e0399d622d278200d8e51562e5964a8dd83b75038ff61a7e3b5c82d673025c	exe
2022-08-02 11:28:15	b735fa8fc9cbbc38167c735c7a6469f18a18ea8ca0be2d046161623f2e72fe13	exe
2022-08-02 11:05:29	89a3ea8fd7a04def18a7e12166d04ec26d1e1f812fe65c050ea18f78701f3bc6	exe
2022-08-02 08:36:47	528e90fbf1ba4abf862283ff2d51cc1597b6d38cf88d60c789cfacf9c24610bb	exe		RedLineStealer
2022-08-02 08:34:48	528e90fbf1ba4abf862283ff2d51cc1597b6d38cf88d60c789cfacf9c24610bb	exe		RedLineStealer
2022-08-02 07:18:56	f8a4faacc58569713cc6dd3e5337fb9aa00b404d5534cf336ef8e80e720a6dd9	exe		RedLineStealer
2022-08-02 06:53:23	f8a4faacc58569713cc6dd3e5337fb9aa00b404d5534cf336ef8e80e720a6dd9	exe		RedLineStealer
2022-08-01 22:58:06	d1a56e61d3cf3b1d26864b92605fa9e5714c7717af5f506d8ce8db62c48d3496	exe
2022-08-01 17:29:03	2016dd60a72517cb43207d2ec5b9d0bcec0d560a68a618ccd3004e396bc3b8d7	exe
2022-08-01 10:28:50	eb2d0f880f362c6d8dbecea3be3484d0b78f51dc2399087f3a087b7b07275eaa	exe
2022-08-01 09:09:49	0f5fc01cbe95cabd6abe38adcb78b48aec8e4de23c49097c59790482f60b2cec	exe
2022-08-01 09:09:43	63903853198bf3c13cfd84cec253e2a745ada0d3cf10a00b777f465afabe4ed8	exe
2022-08-01 09:09:18	d4258ff370901bceb934065caa4d830626174c8f7c963bcdacc0ba51cf9de10c	exe		RedLineStealer
2022-08-01 06:53:20	9c06fb9cd1681265c27863ace1271fa191d9fafc715dd1e4cd96607457ed9523	exe		RedLineStealer
2022-08-01 06:50:54	9c06fb9cd1681265c27863ace1271fa191d9fafc715dd1e4cd96607457ed9523	exe		RedLineStealer
2022-08-01 02:53:10	57e59ff44608d3b3bbd16f293a724552b9528a00336d26c70313aa3cf54836b0	exe		RedLineStealer
2022-07-31 19:04:05	2ee10299431f2d13208b63912ca6482751c013dc18f0b9245562d758a62af912	exe		RedLineStealer
2022-07-31 14:50:07	720b95cb817a2585609607ce6823e37f42ec5233863ed5c4072bc38d8357d7b7	exe
2022-07-31 14:50:06	4cc07d33c48084395ed0c7ffcaf9549d9cbe961b7e9c33ef546826cbe3b94817	exe		RedLineStealer
2022-07-31 13:44:06	2ee10299431f2d13208b63912ca6482751c013dc18f0b9245562d758a62af912	exe		RedLineStealer