URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: wancz.com
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Control D HaGeZi :Not blocked
Firstseen:2020-08-13 12:59:03 UTC
Total malware sites :2
Online malware sites :0 (0%)
Offline Malware sites :2 (100%)
A record(s) observed :4

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2025-10-06 11:46:07 203.210.26.102SBL629053AS138195 MOACKCOLTD-AS-AP- KRyes
2025-06-18 08:14:46 52.223.13.41a74e89cf4458da039.awsglobalaccelerator.comNot listedAS16509 AMAZON-02- USno
2025-04-27 09:25:48 23.227.38.67Not listedAS13335 CLOUDFLARENET- CAno
2020-08-13 12:59:08 49.235.244.56Not listedAS45090 TENCENT-NET-AP- CNno

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2020-08-13 13:03:04https://wancz.com/cgi-bin/private-sector/lzffnm...Offlinedoc emotet ext epoch1 heodo ext spamhaus
2020-08-13 12:59:08https://wancz.com/cgi-bin/attachments/Offlinedoc emotet ext epoch2 heodo ext spamhaus

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2020-08-13 17:50:19ea4ab11724bb19ff8c0451069a27cfc6b2de7b7ad0254edd07f3036c265a066fdocHeodo
2020-08-13 17:50:08658b81e912c908e06150b1351a244262cf277f4c99003a8f7599354d478a4657docHeodo
2020-08-13 17:22:21f4ec266b14464dadad86630e4f028e4e59dd7e7b806925e1ea65fa9e277abf11docHeodo
2020-08-13 17:22:15f959a3ec8067a6967f047b19554210234638a6ac9b0bac85e006979f09c33d11docHeodo
2020-08-13 16:50:3183a588405ba4fa2d574428210c47f3cb4a9683985d14a8b6746bd13d4651fbf3docHeodo
2020-08-13 16:50:31f9c8ab13c75b9b4f583962eddd9376163fe85a8e12736648689168bca6f49511docHeodo
2020-08-13 16:31:45cbd048b311c5ccf06b6122168b1b0a72d717f5912a471f21ba2c0ccbf5ccb8cedocHeodo
2020-08-13 16:31:37fdf01790e32780da83434ba20976bbb51b54fadee6bb76b399dac783936926a2docHeodo
2020-08-13 16:19:006a429f70198a9efc77444f176afd5bf1cd97f794e2020e32ffc020c481e42b4adocHeodo
2020-08-13 16:17:028c8c709e2b7cfd3dce74062f2564bef84cafcc329cbfcafbc2c056c35cc38c50docHeodo
2020-08-13 15:57:105dfe99bdd766418f029d534146438a97818581f989d4b2ebf5f92179344000c0docHeodo
2020-08-13 15:57:0957270c211c92893639f45356ac942602a73f44cd8d9f13538b2afd2e300ea475docHeodo
2020-08-13 15:30:46f9f58bee7fe1eb1016a9fbdb3431d2155eb16adb41874649650ecf4e151742a4docHeodo
2020-08-13 15:30:450532eadbdda96ceadb7250d379491c1bb64d6d40b96bc71d551268896fd4bdd6docHeodo
2020-08-13 15:18:138a0a74b31fb30ce1a4adbaa3945c4186c7d467268e76b9ca802905b7cf5fa54edocHeodo
2020-08-13 15:09:19b28a644c94ec07cfbc99912b660b91d890b2304970d93aba2ff03de9aafc1b85docHeodo
2020-08-13 14:46:514d9fb0fc21364011b0155c51ae24085a4371dfad9f32a0569e54d330fdf068ccdocHeodo
2020-08-13 14:45:39479e00f4a39c727821fabea3c681e051bf755f4eb4c10e62f23055ca7f4a9353docHeodo
2020-08-13 14:13:094b99e8df8f724bfea2f32a9274cf4aa0f41b3e57a2b1ec753b17514149c670b2docHeodo
2020-08-13 14:13:08a29171156f8613e2fb07ecaddce758a942371a5df390af684dd26d9eb8c58629docHeodo
2020-08-13 13:51:0422c4bc8c9ad10df54d22ae6a89c1b937d49982a7b9f6ed54798394dc9033c0cbdocHeodo
2020-08-13 13:51:0156700454c24541743b48ffbc93ef4b0f3a6d1a59d461c082c06e8c83f839978adocHeodo
2020-08-13 13:03:15ae0c7dfa89cf0301b64ef4f6b364a1e426c79c80a9d0943916c93f3315ebc907docHeodo
2020-08-13 13:03:04c4d5504614a89515e076eb3766121b4c161bd5c5f3eba280505f77b7f7a69629docHeodo
2020-08-13 12:59:06de8e2f60ffa2bc8e108bf26102f10179cad35d2e30608e1c23886b06e5c97423docHeodo