URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (when the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry


Host: exfil.us
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Control D HaGeZi: Not blocked
Firstseen: 2020-08-10 16:36:13 UTC
Total malware sites: 1
A record(s) observed: 2

IP addresses


The table below shows all IP addresses observed for this particular host (if the host is a domain name, all A records are listed, including historical ones). Please note that the output is limited to 10 entries.

Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active?
2025-04-28 19:33:23 | 162.0.209.239 | business99-2.web-hosting.com | Not listed | AS22612 NAMECHEAP-NET | US | yes
2020-08-10 16:36:15 | 204.197.243.174 | | Not listed | AS63410 PRIVATESYSTEMS | US | no

Malware URLs


The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC) | URL | Status | Tags | Reporter
2020-08-10 16:36:15 | http://exfil.us/ww12/closed-sector/individual-s... | Offline | doc, emotet, epoch1, heodo | Cryptolaemus1

The table below shows recent payloads delivered by this host.
