URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | vcz.us |
|---|---|
| Domain registrar: | n/a |
| Domain registration date: | 2025-11-02 11:18:26 UTC |
| Spamhaus DBL : | Abused domain (malware) |
| SURBL : | Blocked |
| Quad9 : | Blocked |
| AdGuard : | Not blocked |
| Cloudflare : | Blocked |
| ProtonDNS : | Blocked |
| OpenBLD : | Not blocked |
| DNS4EU : | Blocked |
| Control D HaGeZi : | Not blocked |
| Firstseen: | 2025-11-28 18:29:04 UTC |
| Total malware sites : | 10 |
| Online malware sites : | 8 (80%) |
| Offline Malware sites : | 2 (20%) |
| Newest active malware site : | 2025-11-28 18:32:14 UTC |
| Oldest active malware site : | 2025-11-28 18:29:08 UTC (Age: 16 hours, 31 minutes) |
| A record(s) observed : | 1 |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2025-11-28 18:29:08 | 213.232.112.221 | Not listed | AS3214 XTOM |  DE | yes |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2025-11-28 18:32:14 | http://vcz.us/digi.sh | Online | botnetdomain mirai  sh ua-wget |  BlinkzSec |
| 2025-11-28 18:32:08 | http://vcz.us/uwu | Online | botnetdomain mirai sh ua-wget | BlinkzSec |
| 2025-11-28 18:29:15 | http://vcz.us/xd/dropbear | Online | botnetdomain elf mirai | BlinkzSec |
| 2025-11-28 18:29:15 | http://vcz.us/xd/cameraSpy | Online | botnetdomain elf mirai | BlinkzSec |
| 2025-11-28 18:29:15 | http://vcz.us/xd/i686 | Online | botnetdomain elf mirai | BlinkzSec |
| 2025-11-28 18:29:14 | http://vcz.us/xd/bips | Online | botnetdomain elf mirai | BlinkzSec |
| 2025-11-28 18:29:14 | http://vcz.us/xd/sshd | Online | botnetdomain elf mirai | BlinkzSec |
| 2025-11-28 18:29:13 | http://vcz.us/xd/power | Offline | botnetdomain elf | BlinkzSec |
| 2025-11-28 18:29:13 | http://vcz.us/xd/realpower | Offline | botnetdomain elf | BlinkzSec |
| 2025-11-28 18:29:08 | http://vcz.us/xd/bipsel | Online | botnetdomain elf mirai | BlinkzSec |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2025-11-28 18:32:14 | 6522acf15c5055afcced5373183ea75c6f3f94a2aa8cc7a5fcc35a6b9cbc3ddd | sh | Mirai | |
| 2025-11-28 18:32:08 | 822534848bc3fddd6d5b08eed6f39dce53b9f9c7ab94ad57c520cccea60ea973 | sh | Mirai | |
| 2025-11-28 18:29:15 | 9a1007f0bfd6e5f41b1d20d8e18266b64987e45e36cb28cfe157ad74d9729201 | elf | Mirai | |
| 2025-11-28 18:29:15 | dab585e0ae32b3008c7a8dc5361cd87c99109288aedec4492332091d65068e58 | elf | Mirai | |
| 2025-11-28 18:29:14 | ad38d1ea2dfb6b37002c01f443a0774b7d4c229a40acc99681dd96535248396c | elf | Mirai | |
| 2025-11-28 18:29:14 | 2280dc465356dbae199d9bffe33b45676283eb5ab0f39a9e9a23a72359f74750 | elf | Mirai | |
| 2025-11-28 18:29:14 | 50630e366f508bf9259f0216aa4eb568a5bee5f6124a48b360a057c038c24e86 | elf | Mirai | |
| 2025-11-28 18:29:08 | fc8347124a121e0eab2cec1e397509d54f1f85b22c16294740a6f5d505a85ec6 | elf | Mirai |