URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	exeseria.com
Domain registrar:	Webnic
Domain registration date:	2023-06-22 08:57:34 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Blocked
Cloudflare :	Blocked
ProtonDNS :	Status unknown
OpenBLD :	Blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2023-07-04 12:31:07 UTC
Total malware sites :	7
Online malware sites :	0 (0%)
Offline Malware sites :	7 (100%)
A record(s) observed :	1

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2023-07-04 12:31:11	91.212.166.30		SBL624670	AS198953 proton66	RU	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2023-07-04 13:42:06	https://exeseria.com/subordinati	Offline	brt geofenced Gozi ISFB ITA ursnif	JAMESWT_MHT
2023-07-04 12:31:14	https://exeseria.com/	Offline	brt geofenced Gozi ISFB ITA ursnif	JAMESWT_MHT
2023-07-04 12:31:13	https://exeseria.com/aperto	Offline	brt geofenced Gozi ISFB ITA ursnif	JAMESWT_MHT
2023-07-04 12:31:12	http://exeseria.com	Offline	brt geofenced Gozi ISFB ITA ursnif	JAMESWT_MHT
2023-07-04 12:31:12	http://exeseria.com/	Offline	brt geofenced Gozi ISFB ITA ursnif	JAMESWT_MHT
2023-07-04 12:31:11	http://exeseria.com/aperto	Offline	brt geofenced Gozi ISFB ITA ursnif	JAMESWT_MHT
2023-07-04 12:31:11	https://exeseria.com	Offline	brt geofenced Gozi ISFB ITA ursnif	JAMESWT_MHT

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2023-07-04 16:58:55	7d0b3f35f4916e7b988b912715e2e02bc49f6603dfa765a51b8662511868c25a	dll		Gozi
2023-07-04 16:55:28	4d5c45337ef42f8a845b0787cd2b3272efe7286b46ff4f8837edbf4e0aefcd21	zip		Gozi
2023-07-04 16:14:22	3533f1769dc26c6ded05790915fd59acdf3a061c4d0a641a8a07622aefc75201	dll		Gozi
2023-07-04 16:10:08	d013a608ecf17c14d9f817d4e48541d93efe95d06e728b4d669483ff1e401c67	zip		Gozi
2023-07-04 15:34:59	cd011ff00865510ae1f4affe3b6815d8405edc9aad2e4d4d4c75125e7d360572	zip		Gozi
2023-07-04 15:25:26	a13d8b06719cfc2130205f430dea5d0436b1b9bb3d03b34cd0ebe7753f30fab7	zip
2023-07-04 14:58:34	9cd2c8168574eeefc6fa0e1b8a757b6ef82f9142a6e43d86a05168653bb2a32b	zip		Gozi
2023-07-04 14:51:48	30f55eb8b4ecf6949441629e63f3819f8a861982451ee1ffafdd4e497ddfd9ce	zip		Gozi
2023-07-04 14:42:35	894668791d06262dd16740235faa3b1672e2cb5cf171954f29abaca421c09265	dll		Gozi
2023-07-04 14:42:10	689d9603edc0228d287facf70000f764804e38bc14cacd91603d9d8f9c2adfa9	zip		Gozi
2023-07-04 13:53:00	7a9b05ac948cdd3cc8046f1c33e0417d3a88fa91fda249c5a7211dd4fffcbb53	dll		Gozi
2023-07-04 13:51:59	5e5bd3e339d7d5773482afcf9f5cd0aa612b5415a250b83f057201aba3a9af2b	zip		Gozi
2023-07-04 13:49:20	894668791d06262dd16740235faa3b1672e2cb5cf171954f29abaca421c09265	dll		Gozi
2023-07-04 13:40:23	4627ddd3fd354152c5e1b25cd091ffbb951f09d49c39e968bfcf62653012e007	zip		Gozi
2023-07-04 13:33:53	3533f1769dc26c6ded05790915fd59acdf3a061c4d0a641a8a07622aefc75201	dll		Gozi
2023-07-04 13:18:26	602a37a53069e45034608e4dd45d8858bd59e0630d33703524d2ee555c659c55	zip		Gozi
2023-07-04 12:53:44	caa5013876275a07a695742e8f0c232b114ac0bd6669c1d8b694024747c1a64a	zip		Gozi
2023-07-04 12:46:37	105124be1f12a272d606616e5e6273fd87f8d545223103ca93b1c2e18376c7f5	zip
2023-07-04 12:31:11	7a9b05ac948cdd3cc8046f1c33e0417d3a88fa91fda249c5a7211dd4fffcbb53	dll		Gozi
2023-07-04 12:31:10	2870a81354d09f2c2e7f10a41465526d3391e513014d200b7b80a9fc999819c1	zip		Gozi