URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	tumanjo.com
Domain registrar:	GoDaddy
Domain registration date:	2020-01-13 11:55:59 UTC
Spamhaus DBL :	Not blocked
SURBL :	Blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2022-05-24 05:58:03 UTC
Total malware sites :	14
Online malware sites :	0 (0%)
Offline Malware sites :	14 (100%)
A record(s) observed :	8

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-06-23 18:40:46	174.138.93.182		Not listed	AS14061 DIGITALOCEAN-ASN	US	yes
2025-06-16 08:27:12	192.250.229.176	s4143.fra1.stableserver.net	Not listed	AS209341 WHG-FRA	DE	no
2022-10-25 14:06:24	92.204.219.117	117.219.204.92.host.secureserver.net	Not listed	AS21499 GODADDY-SXB	FR	no
2023-01-18 18:17:08	34.98.99.30	30.99.98.34.bc.googleusercontent.com	Not listed	AS396982 GOOGLE-CLOUD-PLATFORM	US	no
2022-10-03 14:52:31	34.102.136.180	180.136.102.34.bc.googleusercontent.com	Not listed	AS396982 GOOGLE-CLOUD-PLATFORM	US	no
2022-05-24 05:58:04	160.153.133.146	146.133.153.160.host.secureserver.net	Not listed	AS20773 GODADDY	US	no
2022-06-04 14:10:46	192.124.249.3	cloudproxy10003.sucuri.net	Not listed	AS30148 SUCURI-SEC	US	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-05-26 11:57:07	https://tumanjo.com/6/data64_6.exe	Offline	32 exe	zbetcheckin
2022-05-25 19:33:04	http://tumanjo.com/8/data64_2.exe	Offline	32 exe RedLineStealer	zbetcheckin
2022-05-25 19:33:04	http://tumanjo.com/8/data64_6.exe	Offline	32 exe	zbetcheckin
2022-05-25 15:55:04	http://tumanjo.com/6/data64_1.exe	Offline	32 exe RecordBreaker RedLineStealer	zbetcheckin
2022-05-25 07:39:05	http://tumanjo.com/9/data64_6.exe	Offline	exe	abuse_ch
2022-05-25 07:38:04	http://tumanjo.com/9/data64_5.exe	Offline	exe RedLineStealer	abuse_ch
2022-05-25 07:38:04	http://tumanjo.com/9/data64_1.exe	Offline	exe RecordBreaker RedLineStealer	abuse_ch
2022-05-25 00:57:04	http://tumanjo.com/8/data64_1.exe	Offline	32 exe RecordBreaker RedLineStealer	zbetcheckin
2022-05-25 00:49:04	http://tumanjo.com/8/data64_5.exe	Offline	32 exe RedLineStealer	zbetcheckin
2022-05-24 17:22:04	http://tumanjo.com/9/data64_2.exe	Offline	32 exe RecordBreaker RedLineStealer	zbetcheckin
2022-05-24 17:22:04	http://tumanjo.com/6/data64_5.exe	Offline	32 exe RedLineStealer	zbetcheckin
2022-05-24 12:57:04	http://tumanjo.com/6/data64_6.exe	Offline	exe	abuse_ch
2022-05-24 05:58:04	http://tumanjo.com/9/data64_4.exe	Offline	32 exe RedLineStealer	zbetcheckin
2022-05-24 05:58:04	http://tumanjo.com/6/data64_4.exe	Offline	32 exe RedLineStealer	zbetcheckin

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2022-05-29 16:38:06	0c722728ca1a996bbb83455332fa27018158cef21ad35dc057191a0353960256	exe		RecordBreaker
2022-05-29 16:31:30	0c722728ca1a996bbb83455332fa27018158cef21ad35dc057191a0353960256	exe		RecordBreaker
2022-05-29 16:29:28	0c722728ca1a996bbb83455332fa27018158cef21ad35dc057191a0353960256	exe		RecordBreaker
2022-05-29 16:18:13	0c722728ca1a996bbb83455332fa27018158cef21ad35dc057191a0353960256	exe		RecordBreaker
2022-05-26 11:57:07	9ad06b0e000800a33d381949658dbd0bfd7c7f1025aa5c81621b55f2f69a7a3f	exe
2022-05-25 19:33:04	9ad06b0e000800a33d381949658dbd0bfd7c7f1025aa5c81621b55f2f69a7a3f	exe
2022-05-25 19:33:04	c911528baa904d1f763fbd4f383e44528fbdbb3345403b54c2c92c9ee10294db	exe		RedLineStealer
2022-05-25 15:55:04	959c0ef7180f57d3159570b691671e9a51833c193d9727d374d7965740fb0b57	exe		RedLineStealer
2022-05-25 07:39:04	9ad06b0e000800a33d381949658dbd0bfd7c7f1025aa5c81621b55f2f69a7a3f	exe
2022-05-25 07:38:04	959c0ef7180f57d3159570b691671e9a51833c193d9727d374d7965740fb0b57	exe		RedLineStealer
2022-05-25 07:38:04	56ef21b69e3f7eaaae8a29265ab08fdd0f3401c25ed786dc34169bd0594887f1	exe		RedLineStealer
2022-05-25 06:14:36	9ad06b0e000800a33d381949658dbd0bfd7c7f1025aa5c81621b55f2f69a7a3f	exe
2022-05-25 00:57:04	959c0ef7180f57d3159570b691671e9a51833c193d9727d374d7965740fb0b57	exe		RedLineStealer
2022-05-25 00:49:04	56ef21b69e3f7eaaae8a29265ab08fdd0f3401c25ed786dc34169bd0594887f1	exe		RedLineStealer
2022-05-24 17:22:04	56ef21b69e3f7eaaae8a29265ab08fdd0f3401c25ed786dc34169bd0594887f1	exe		RedLineStealer
2022-05-24 17:22:04	c911528baa904d1f763fbd4f383e44528fbdbb3345403b54c2c92c9ee10294db	exe		RedLineStealer
2022-05-24 13:45:22	45b74ee8834454e9867c7aaafdb50d861b0f645647fcf12c328c156b415af3d6	exe		RedLineStealer
2022-05-24 13:40:46	f7c781616e39d720a321fe772fd3c5963d9b76f4d77cbb863a447b128bab829e	exe		RedLineStealer
2022-05-24 13:39:42	02e6c166c32137a4a9dd3a23977c8742ab0e3207f8d013c3e630b5d974302379	exe
2022-05-24 12:57:04	a0dc657791e6bf1267c8ccb48f337569d9b77f46922c5dd4761010fc7b8f94a6	exe
2022-05-24 05:58:04	627898083243468f15943e3752d0ca2c463d2548316d5ca6bca78972c27cd6ef	exe		RedLineStealer
2022-05-24 05:58:04	6066ada4d9d96be88422f5a2b1fffa410901f9af4308528cbc00145225575e21	exe		RedLineStealer